Chapter 5 XML Digital Signatures
Summary
A digital signature provides a mechanism for assuring the integrity of data, the authentication of its signer, and the nonrepudiation of the entire signature to an external party. A digital signature differs from a message authentication code (MAC) in that a public key system is used to create the signature, whereas a MAC uses a shared key. The use of the public key gives a digital signature nonrepudiation, a property a MAC cannot have. This is because a private key is used for the signing and the public key is used only for the verification. As a consequence, provided that the private key is not lost or stolen, you can be assured of the identity of the signer of the data stream.
The XML specification for digital signatures is flexible. It gives you the ability to sign anything from a simple message embedded in the signature (an enveloping signature), to a message that contains the signature within it (an enveloped signature), to external resources (a detached signature). If necessary, you can create complicated signatures that are simultaneously any number of the three basic forms. You can also sign parts of documents or an arbitrary list of documents or data sources. The original data is not actually signed; instead, the signature is applied to the output of a chain of canonicalization and transformation algorithms, which are applied to the data in a designated sequence. This system provides the flexibility to accommodate whatever normalization or preprocessing of the data might be required or desired before it is signed.
The preprocessing transformations can be as simple as go/no-go filtering of XML nodes through the use of XPath. If desired, you can specify more complicated transformations by applying a style sheet through the use of an XSLT transformation. Finally, using the XML digital signature manifest mechanism, it is easy to manage lists of signed elements. This method is especially useful when there are multiple signers of long lists of elements. An XML digital signature that uses manifests signs both the manifest itself (i.e., the list) and the actual listed elements.
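The reference-processing chain described in the two preceding paragraphs (apply the transforms in order, canonicalize, digest, then sign the canonical SignedInfo rather than the raw bytes), as an added Python example that is not code from the book. It uses only the standard library, whose canonicalize() implements C14N 2.0 rather than the C14N 1.x or Exclusive C14N algorithms that XML DSig toolkits normally use; the sample documents, the placeholder Signature element and the function names are all constructed for this example.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"
ENVELOPED_URI = "http://www.w3.org/2000/09/xmldsig#enveloped-signature"
SHA256_URI = "http://www.w3.org/2001/04/xmlenc#sha256"
# Constructed samples: DOC_A and DOC_B differ byte-for-byte (quote style,
# attribute order, empty-element form) but describe the same XML infoset.
DOC_A = '<Order id="7"><Item qty="2" sku="A-1"/></Order>'
DOC_B = "<Order id='7'><Item sku='A-1' qty='2'></Item></Order>"
# The same order carrying a placeholder enveloped signature.
ENVELOPED = ('<Order id="7"><Item qty="2" sku="A-1"/><ds:Signature xmlns:ds="%s">'
             '<ds:SignedInfo/></ds:Signature></Order>' % DSIG_NS)


def enveloped_signature_transform(root):
    """Enveloped-signature transform: remove every ds:Signature element so the
    signature does not end up covering its own (not yet computed) value."""
    sig_tag = "{%s}Signature" % DSIG_NS
    for parent in root.iter():
        for child in list(parent):
            if child.tag == sig_tag:
                parent.remove(child)
    return root


def canonical_form(xml_text, transforms=()):
    """Reference chain: parse, apply the transforms in order, then canonicalize.
    Python's canonicalize() is C14N 2.0; the principle is the same for C14N 1.x."""
    root = ET.fromstring(xml_text)
    for transform in transforms:
        root = transform(root)
    return ET.canonicalize(ET.tostring(root, encoding="unicode"))


def digest_value(xml_text, transforms=()):
    """Base64 SHA-256 of the canonical form, i.e. a Reference's <DigestValue>."""
    canon = canonical_form(xml_text, transforms).encode("utf-8")
    return base64.b64encode(hashlib.sha256(canon).digest()).decode("ascii")


def signed_info_to_sign(reference_uri, digest_b64, transform_uris=()):
    """Canonical <SignedInfo>: the bytes the private key actually signs to make
    <SignatureValue> (RSA/ECDSA signing is outside the stdlib; not shown here)."""
    tf = "".join('<ds:Transform Algorithm="%s"/>' % u for u in transform_uris)
    tf = "<ds:Transforms>%s</ds:Transforms>" % tf if tf else ""
    xml_text = ('<ds:SignedInfo xmlns:ds="%s"><ds:Reference URI="%s">%s'
                '<ds:DigestMethod Algorithm="%s"/><ds:DigestValue>%s</ds:DigestValue>'
                '</ds:Reference></ds:SignedInfo>'
                % (DSIG_NS, reference_uri, tf, SHA256_URI, digest_b64))
    return ET.canonicalize(xml_text).encode("utf-8")
```

Running digest_value on DOC_A and DOC_B gives the same DigestValue even though the bytes differ, and applying enveloped_signature_transform to ENVELOPED yields the digest of the signature-free document, which is what lets a verifier check an enveloped signature.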
The W3C specification describes the algorithms that are to be available to an XML digital signature mechanism, but these are necessary only if your signatures are to be verified by another party. Private mechanisms can also be incorporated into the signature scheme by specifying their algorithms, without breaking the overall formalism.
www.syngress.com