«

Question: If you change the order of attributes within an element that
is part of an XML signature, does that break the digital signature? I
thought attribute order was irrelevant in XML.

For example, suppose the original element when the XML Signature was
created was:

<MyElement a="123 b="456">

and while traversing an intermediary the element gets changed to:

<MyElement b="456" a="123>

Will this break the digital signature?

Thanks for any help on this.

...Don

* wrote in comp.text.xml:
>Question: If you change the order of attributes within an element that
>is part of an XML signature, does that break the digital signature? I
>thought attribute order was irrelevant in XML.

That depends on the particular signature process. Generally speaking,
the document will be put in some canonical form which puts attributes
in a specific order, which would mean you can change the order without
breaking the signature. This is not guranteed however, you have to
check the signature process you are using to make sure.
--
Björn Höhrmann · private.php?do=newpm&u= · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/

.... or to put it another way: Yes, XML Signature itself cares about
attribute order. Many of us think that was a serious mistake and that
the signature should have been defined against the infoset rather than
against the specific syntax... but it is what it is and we're stuck with
it for now.

--
Joe Kesselman / Beware the fury of a patient man. -- John Dryden