XML Digital Signatures Chapter 5
171
    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
    <Reference URI="#WeatherReport" Type="http://www.w3.org/2000/09/xmldsig#Manifest">
      <Transforms>
      </Transforms>
      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
      <DigestValue></DigestValue>
    </Reference>
  </SignedInfo>
  <SignatureValue/>
  <KeyInfo>
    <KeyValue/>
  </KeyInfo>
</Signature>
</Envelope>
The list of Reference elements inside a Manifest is independent of any Reference
list in the SignedInfo element. At most one of the Manifest's Reference elements may
omit the URI attribute.
Notice that within the Manifest itself, the Reference elements still have their
required DigestValue elements. These will be filled in during signature generation
using the (canonicalized and transformed) data to which each URI refers. The
DigestValue within the Reference element inside SignedInfo will be the digest of
the Manifest itself, not of the data to which the Manifest refers. This subtle
change gives us another useful ability: we can handle partial failures of signature
validation. Before, a change in any of the weather reports resulted in a failure of
the entire signature. With a Manifest, the overall signature will still be valid, but
the individual Reference digest within the Manifest where the change occurred will
fail, while the others still succeed. This is a very powerful tool because it gives
an application that uses the XML signature mechanism the ability to know exactly
where the change happened, so it can efficiently take the appropriate action.
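The partial-failure behaviour just described, as an added example that is not from the book: a simplified Python model of a Manifest-based signature over several weather reports. Assumptions: an HMAC key stands in for the rsa-sha1 key pair, deterministic JSON stands in for XML canonicalization, SHA-256 is used where the figure names sha1, and the report texts are constructed.

```python
import hashlib
import hmac
import json

# Constructed sample data: three weather reports covered by one signature.
REPORTS = {
    "#report-ny": "New York: 72F, clear",
    "#report-la": "Los Angeles: 81F, sunny",
    "#report-chi": "Chicago: 65F, rain",
}
# Assumption: an HMAC key stands in for the RSA key pair of rsa-sha1.
KEY = b"demo-signing-key"

def digest(data: str) -> str:
    """DigestValue over already canonicalized/transformed data (SHA-256 here; the figure uses sha1)."""
    return hashlib.sha256(data.encode()).hexdigest()

def canonicalize(obj) -> str:
    """Stand-in for XML canonicalization: a deterministic serialization."""
    return json.dumps(obj, sort_keys=True)

def sign(reports: dict) -> dict:
    """Build the Manifest (one Reference per report), then a SignedInfo whose single
    Reference digests the Manifest itself, and sign that SignedInfo."""
    manifest = {uri: digest(text) for uri, text in reports.items()}
    signed_info = {"#WeatherReport": digest(canonicalize(manifest))}
    sig = hmac.new(KEY, canonicalize(signed_info).encode(), hashlib.sha256).hexdigest()
    return {"SignedInfo": signed_info, "SignatureValue": sig, "Manifest": manifest}

def core_validate(signature: dict) -> bool:
    """XML-DSig core validation: the SignedInfo Reference (digest of the Manifest)
    and the SignatureValue over SignedInfo. Manifest References are not dereferenced."""
    ref_ok = signature["SignedInfo"]["#WeatherReport"] == digest(canonicalize(signature["Manifest"]))
    expected = hmac.new(KEY, canonicalize(signature["SignedInfo"]).encode(), hashlib.sha256).hexdigest()
    return ref_ok and hmac.compare_digest(expected, signature["SignatureValue"])

def validate_manifest(signature: dict, reports: dict) -> dict:
    """Application-level step: re-digest each report and return per-URI pass/fail."""
    return {uri: d == digest(reports.get(uri, "")) for uri, d in signature["Manifest"].items()}

if __name__ == "__main__":
    sig = sign(REPORTS)
    tampered = {**REPORTS, "#report-chi": "Chicago: 95F, rain"}
    print("core valid:", core_validate(sig))                # True: the Manifest is untouched
    print("per report:", validate_manifest(sig, tampered))  # only #report-chi is False
```

Core validation still passes after a report is altered because only the Manifest's own digest sits in SignedInfo; validate_manifest() is the application step that pinpoints which Reference failed.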
Imagine an entire Web site with a hundred pages that are signed using a single
XML digital signature. Imagine that someone makes an unauthorized change to
Figure 5.16 Continued