Chapter 5 XML Digital Signatures
An Enveloping Signature Example
As our first example, let's consider an enveloping signature that uses a DSA key.
The canonical form of this signature is shown in Figure 5.3.
Figure 5.3 Canonical Enveloping XML Digital Signature
<?xml version="1.0" encoding="UTF-8"?>
<Envelope xmlns="http://example.org/envelope">
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod
        Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <SignatureMethod
        Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
      <Reference URI="">
        <Transforms>
        </Transforms>
        <DigestMethod
          Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <DigestValue></DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>
    </SignatureValue>
    <KeyInfo>
      <KeyValue />
    </KeyInfo>
    <Object Id="object">
      The data that we want to sign...
    </Object>
  </Signature>
</Envelope>
Note a couple of important points about this file. First, the dsa-sha1 in the
SignatureMethod line determines the type of key that will be used for generating
this signature. In addition, as part of the canonical form, the elements that will get
www.syngress.com
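Added example, not from the book: because the SignatureMethod algorithm fixes the key type, a verifier can check that the key carried in KeyInfo is of the family the algorithm requires before it does any cryptography. The function name, the status strings and the sample document are assumptions made for this sketch; the mapping covers only the dsa-sha1 and rsa-sha1 identifiers of the xmldsig namespace used in Figure 5.3.

```python
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
NS = {"ds": DSIG}

# SignatureMethod URI -> KeyValue child that a matching key must use.
KEY_ELEMENT_FOR = {
    DSIG + "dsa-sha1": "DSAKeyValue",
    DSIG + "rsa-sha1": "RSAKeyValue",
}

# Constructed sample modelled on Figure 5.3 (only the parts this check reads).
TEMPLATE = """<Envelope xmlns="http://example.org/envelope">
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
</SignedInfo>
<KeyInfo><KeyValue>%s</KeyValue></KeyInfo>
</Signature>
</Envelope>"""


def check_key_matches_method(xml_text):
    """Hypothetical helper: return (status, detail) for the first Signature.

    status is 'match', 'mismatch', 'unfilled' (template whose KeyValue is
    still empty, as in Figure 5.3) or 'unknown-method'.
    """
    root = ET.fromstring(xml_text)
    # iter() also yields the root itself, so a bare <Signature> works too.
    sig = next(root.iter("{%s}Signature" % DSIG), None)
    if sig is None:
        raise ValueError("no Signature element in the xmldsig namespace")
    method = sig.find("ds:SignedInfo/ds:SignatureMethod", NS)
    if method is None:
        raise ValueError("SignedInfo has no SignatureMethod")
    algorithm = method.get("Algorithm", "")
    expected = KEY_ELEMENT_FOR.get(algorithm)
    if expected is None:
        return ("unknown-method", algorithm)  # refuse rather than guess
    key_value = sig.find("ds:KeyInfo/ds:KeyValue", NS)
    children = [] if key_value is None else list(key_value)
    if not children:
        return ("unfilled", expected)
    found = children[0].tag
    if found == "{%s}%s" % (DSIG, expected):
        return ("match", expected)
    return ("mismatch", "%s needs %s, found %s"
            % (algorithm, expected, found.split("}", 1)[-1]))
```
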