XML Digital Signatures •  Chapter 5 173 IGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw3RzQ6Rtkqn1qmyCwmQpC+q37u5cYd6qET8 d4PkTB9w/7GWqgcQdtNGcoym/0RNN8m7c3W5rmzUlHS8PkiiitOvQ+oXGoiyHkT/kLZBLkSLH F957B+20EC9WlCggGOM2U2OPTiMoLV/RW22lO/m5G8K54sFJNF28a0wjeRdaD0QIDAQABo20w azAbBgNVHREEFDASgRBza2lwQHRheWdldGEuY29tMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwF oAU/g8Leo1SC4i5XE3LdvnCR+jCzTgwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA 0GCSqGSIb3DQEBBAUAA0EAGKzEY81y3mA61q6Od7NkovXdXMO9PSX+eQPQiYvk7Fzffo1620W JTds2TRkkromSIfoLxVH49c8T0Efpg0HvDA==</X509Certificate> </X509Data> <KeyValue> <RSAKeyValue> <Modulus> sN0c0OkbZKp9apsgsJkKQvqt+7uXGHeqhE/HeD5EwfcP+xlqoHEHbTRnKMpv9ETT fJu3N1ua5s1JR0vD5IoorTr0PqFxqIsh5E/5C2QS5EixxfeewfttBAvVpQoIBjjN lNjj04jKC1f0VttpTv5uRvCueLBSTRdvGtMI3kXWg9E= </Modulus> <Exponent> AQAB </Exponent> </RSAKeyValue> </KeyValue> </KeyInfo> The signing process will need access to both the signers private key and the certificate in order to generate the signature.This form of the signature gives us assurance that the signer is who they say they are (assuming we can trust the CA; you have to trust somebody!). Required and Recommended Algorithms As we noted earlier, the choice of algorithms to be applied for canonicalization, transformation, and the like is up to the signature’s creator.The W3C has pre- scribed the algorithms that can be expected to be available to all signers and veri- fiers of an XML digital signature (and therefore provide the signature’s maximum portability). A W3C conformant XML digital signature implementation must pro- vide the required components. A conformant implementation may optionally provide the recommended components, but if it does, it must conform with the W3C specification for it.Table 5.1 provides a quick summary of the standard algorithms for XML digital signatures. www.syngress.com