XML Digital Signatures Chapter 5
Figure 5.1 shows the structure of a digital signature as currently defined
within the specification.
Figure 5.1 XML Digital Signature Structure
<Signature ID?>
  <SignedInfo>
    <CanonicalizationMethod/>
    <SignatureMethod/>
    (<Reference URI?>
      (<Transforms>)?
      <DigestMethod>
      <DigestValue>
    </Reference>)+
  </SignedInfo>
  <SignatureValue>
  (<KeyInfo>)?
  (<Object ID?>)*
</Signature>
Let's break down this general structure in order to understand it properly. The
Signature element is the primary construct of the XML digital signature
specification. The signature can envelop the local data that it is signing (an
enveloping signature), it can be enveloped by that data (an enveloped signature),
or it can reference data that lies outside the Signature element, whether
elsewhere in the same document or in an external resource; such signatures are
detached signatures. Remember, this is a specification for describing digital
signatures using XML, and no limitation exists as to what is being signed.
The SignedInfo element is the information that is actually signed. This data is
processed sequentially through several steps on the way to becoming signed;
Figure 5.2 shows this process graphically.
www.syngress.com
Figure 5.2 The Stages of Creating an XML Digital Signature
[Figure 5.2: diagram of the signing pipeline; stage labels recovered from the figure: Canonicalization, Transforms, SignedInfo, DigestMethod, DigestValue]
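The structure of Figure 5.1 and the stages of Figure 5.2, carried through end to end as an added example in Python. This code is not from the book, from the W3C specification, or from any XML-DSig library; it uses only the Python standard library. Its assumptions: HMAC-SHA256 as the SignatureMethod, Python's built-in canonicalizer (which implements C14N 2.0, hence the C14N 2.0 algorithm identifier rather than the older C14N 1.0 or Exclusive C14N URIs), a detached signature whose single Reference is a same-document "#Id" URI with no Transforms, and a constructed sample document and shared key.

```python
# Added example (not from the book or the W3C specification): a minimal,
# standard-library-only XML Signature in the shape of Figure 5.1, exercising
# the stages of Figure 5.2. Assumptions: HMAC-SHA256 as the SignatureMethod,
# Python's built-in canonicalizer (C14N 2.0, hence that algorithm URI), a
# detached signature whose single Reference is a same-document "#Id" URI with
# no Transforms, and a constructed sample document and key.
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
C14N2 = "http://www.w3.org/2010/xml-c14n2"
HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"

ET.register_namespace("ds", DS)

# Constructed sample input: the element with Id="order1" is what gets signed.
SAMPLE_DOC = b'<Document><Order Id="order1"><Item>widget</Item><Qty>1</Qty></Order></Document>'
SAMPLE_KEY = b"shared-secret-for-this-example-only"


def tag(name):
    """Clark-notation name in the XML-DSig namespace, e.g. {...}SignedInfo."""
    return f"{{{DS}}}{name}"


def c14n(elem):
    """Canonicalization stage: serialize a subtree into its canonical byte form.
    Signer and verifier must do exactly this, or logically identical XML with
    different surface syntax yields different digests and MACs."""
    return ET.canonicalize(ET.tostring(elem, encoding="unicode")).encode()


def resolve_reference(root, uri):
    """Dereference a same-document URI of the form '#id' (the only kind this
    example handles; the specification also allows external URIs)."""
    if not uri.startswith("#"):
        raise ValueError("only same-document '#id' references are handled here")
    for elem in root.iter():
        if elem.get("Id") == uri[1:]:
            return elem
    raise ValueError(f"no element with Id={uri[1:]!r}")


def reference_digest(root, uri):
    """Reference processing: dereference, apply Transforms (none here),
    canonicalize, then DigestMethod -> base64 DigestValue."""
    data = c14n(resolve_reference(root, uri))
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def sign(doc_bytes, uri, key):
    """Append a ds:Signature to the document root and return the new document."""
    root = ET.fromstring(doc_bytes)
    sig = ET.SubElement(root, tag("Signature"))
    si = ET.SubElement(sig, tag("SignedInfo"))
    ET.SubElement(si, tag("CanonicalizationMethod"), Algorithm=C14N2)
    ET.SubElement(si, tag("SignatureMethod"), Algorithm=HMAC_SHA256)
    ref = ET.SubElement(si, tag("Reference"), URI=uri)
    ET.SubElement(ref, tag("DigestMethod"), Algorithm=SHA256)
    ET.SubElement(ref, tag("DigestValue")).text = reference_digest(root, uri)
    # Only SignedInfo is signed: canonicalize it, then apply SignatureMethod.
    mac = hmac.new(key, c14n(si), hashlib.sha256).digest()
    ET.SubElement(sig, tag("SignatureValue")).text = base64.b64encode(mac).decode()
    return ET.tostring(root)


def verify(doc_bytes, key):
    """Core validation: every Reference's DigestValue must match the recomputed
    digest, and SignatureValue must match the MAC over canonical SignedInfo."""
    root = ET.fromstring(doc_bytes)
    sig = root.find(tag("Signature"))
    si = sig.find(tag("SignedInfo"))
    for ref in si.findall(tag("Reference")):
        stored = (ref.findtext(tag("DigestValue")) or "").strip()
        if not hmac.compare_digest(stored, reference_digest(root, ref.get("URI"))):
            return False  # referenced content changed after signing
    expected = hmac.new(key, c14n(si), hashlib.sha256).digest()
    given = base64.b64decode(sig.findtext(tag("SignatureValue")) or "")
    return hmac.compare_digest(expected, given)


if __name__ == "__main__":
    signed = sign(SAMPLE_DOC, "#order1", SAMPLE_KEY)
    print(signed.decode())
    print("valid:", verify(signed, SAMPLE_KEY))
    print("tampered:", verify(signed.replace(b"<Qty>1<", b"<Qty>9<"), SAMPLE_KEY))
```

Running the script prints the signed document and then the two verification results. Note that verify performs only what the specification calls core validation: it establishes that the referenced element and SignedInfo are unchanged since signing and that the holder of the key produced the SignatureValue. Whether "#order1" is the element the application actually intends to trust, and whether that key belongs to the expected party, are checks the application has to make on top of this.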