OpenSAML user discussion

[rangeli nepal <>]

Final question on this thread. If I open an SAML response generated
using library with an editor like oxygen, it does not verify the
signature. Is it a known issue? is it related to C14n stuff.
Thank you.
rn

On Tue, Nov 2, 2010 at 11:38 PM, rangeli nepal 
<>
 wrote:
> Thanks  a lot for both hints.
> rn
>
> On Tue, Nov 2, 2010 at 11:31 PM, Scott Cantor 
> <>
>  wrote:
>>> any hint will be highly appreciated.
>>
>> Hint 1: Read the relevant specifications, specifically c14n and exclusive
>> c14n. The fact that you seem to want to manipulate content that is related
>> to them suggests you need to understand them first. The terms I used are
>> very elementary in that domain.
>>
>> Hint 2: What you're asking is the wrong question. Start over. Why do you
>> care? You need to adjust your problem or solution such that you do not care
>> about a detail like that, because you will never succeed in controlling the
>> XML to such a degree with any certainty. We generate XML with an inclusive
>> prefix list when the XML involved makes it necessary. That's how it works.
>>
>> What is critical is that the library generate reasonable output and sign it
>> in a robust fashion. That's a continuous process and things keep improving
>> over time. If there's a problem caused by a failure to account for a
>> particular usage (primarily a cut and paste of signed XML into a document
>> with a contaminating namespace context), then it's worth discussing why 
>> it's
>> failing.
>>
>> -- Scott
>>
>>
>>
>>
>