I've gotten some comments about my XML Digital Signatures entry, pointing out that since I chose to embed the signing key into the document, nothing is preventing anyone from simply removing the signature, modifying the document, and then re-signing with their own key. This is true; in order to effectively use the signature from the previous article, it must be combined with another security mechanism. For instance, if the key could be checked against a known database of public keys, or validated as a key that came from a certificate that belongs to someone you trust, the previous signature would still be secure. If the entire document were encrypted (including the signature), using techniques from the XML Encryption posting, this would also make the signature secure.
However, in the absence of these items, you must distribute the key separately from the signed documents. When signing the document, you would not add a key info clause, or would only add a key name to this clause, in case there are several keys that are distributed and you need to be able to select the correct one. On the verification side, you would use the CheckSignature overload that takes the public key. Now the only challenge is to find a secure way to get a copy of your public key to the people validating your signature.
Here's some sample code to show how the signature might be computed:
You'll notice the block of code:
Which exports the public key used for signing to an XML file. This file can then be distributed to anyone who needs to verify signatures made with the signingKey object.
To verify the signature:
This is very similar to the previous verification code, except the public key is loaded from the XML file created by the signing step, and then passed to the CheckSignature method.
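The following is an added example, not the original post's listing, showing the whole flow described above: sign without a key info clause, export the public key to an XML file, verify with the CheckSignature overload that takes a key, and confirm that a document re-signed with a different key is rejected. The file name `publicKey.xml`, the sample `<order>` document, and the `Sign`/`Verify` helper names are assumptions; the code uses C# 8 `using` declarations.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

class SeparateKeySignatureDemo
{
    // Sign the whole document with an enveloped signature and no KeyInfo clause.
    static void Sign(XmlDocument doc, RSA key)
    {
        var signedXml = new SignedXml(doc) { SigningKey = key };
        var reference = new Reference { Uri = "" };   // "" = the entire document
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signedXml.AddReference(reference);
        signedXml.ComputeSignature();
        doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true));
    }

    // Verify against the separately distributed public key, never a key from the document.
    static bool Verify(XmlDocument doc, string publicKeyFile)
    {
        XmlNodeList sigs = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (sigs.Count != 1) return false;   // unsigned or ambiguous document
        using RSA publicKey = RSA.Create();
        publicKey.FromXmlString(File.ReadAllText(publicKeyFile));
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml((XmlElement)sigs[0]);
        return signedXml.CheckSignature(publicKey);
    }

    static void Main()
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<order><item>widget</item><qty>3</qty></order>"); // constructed sample
        using RSA signingKey = RSA.Create(2048);
        using RSA otherKey = RSA.Create(2048);   // a key the verifier never received
        Sign(doc, signingKey);
        File.WriteAllText("publicKey.xml", signingKey.ToXmlString(false)); // public half only
        Console.WriteLine("original: " + Verify(doc, "publicKey.xml"));
        // Strip the signature, edit the document, and sign again with the other key.
        XmlNode oldSig = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl)[0];
        oldSig.ParentNode.RemoveChild(oldSig);
        doc.SelectSingleNode("/order/qty").InnerText = "300";
        Sign(doc, otherKey);
        Console.WriteLine("re-signed with other key: " + Verify(doc, "publicKey.xml"));
    }
}
```

Passing `false` to `ToXmlString` keeps the private parameters out of the exported file; the verifier's trust then rests entirely on how `publicKey.xml` reached them.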