signature.doc
TRANSCRIPT
-
7/27/2019 Signature.doc
1/4
The purpose of is to carry a digital signature that can be
verified by the recipient of the message. You use digital signatures to detect
message alteration or to simply validate that a certain part of a message
was really generated by the entity which is listed. As with the traditionalmanually written signature, a digital signature is an addition to the
document that can be created only by the creator of that document and that
cannot easily be forged.
The following shows a partial example:
waSMFeYMruQn9XHx85HqunhMGIA=
-
7/27/2019 Signature.doc
2/4
wDCqAzy5bLKKF+Rt0+YV/gxTQws=
j6vtht/[parts omitted]trCQ==
Details
The parts of this element are as follows:
indicates the parts of the message that are signed by this
signature and indicates how those parts were processed before signing.
In Cach, you can specify the digest method (shown by the Algorithm
attribute of ). See Specifying the Digest Method.
You can also specify the algorithm used to compute the signature (shownby the Algorithm attribute of ). See Specifying the
Signature Method.
holds the actual signature. In this case, the signature
is 6vtht/[parts omitted]trCQ==
This value is computed by encrypting the concatenated digests of the
signed parts. The encryption is performed with the private key of the
sender.
-
7/27/2019 Signature.doc
3/4
identifies the key that was used to create the signature. In
Cach, includes a , which has one of
several forms:
A reference to a earlier in the WS-Security
header, as shown in the preceding example. In this case, the correspondingprivate key was used to create the signature.
Information to identify a certificate, which presumably the message
recipient has previously received and stored. For example, the
could include the SHA1 thumbprint of the
certificate, as follows:
maedm8CNoh4zH8SMoF+3xV1MYtc=
As with the previous case, the corresponding private key was used to
create the signature.
A reference to a earlier in the WS-Security
header. For example:
In this case, the signature was created by the symmetric key indicated
by that token.
Position in Message
-
7/27/2019 Signature.doc
4/4
A element should be included within after the
or that it uses, if any.