Browse by Tags

Tagged Content List
  • Blog Post: XML Digital Signature Verification with Unknown URI Schemes

    A few years back, there was a discussion thread on one of my XML digital signature posts about verifying an XML digital signature which had references to a URI prefixed with cid:. Recently Mattias Lindberg ran into this problem as well, and devised a clever solution to it . Mattias realized that SignedXml...
  • Blog Post: Adding SignatureProperties to SignedXml

    One of the optional portions of the W3C XML digital signature specification allows for a set of SignatureProperties to be assigned to a signature. SignatureProperties allow the signer to place some metadata into the signature itself, such as the time the signature was created and the name of the person...
  • Blog Post: Hitting the Mailbag

    I've gotten quite a few questions from this blog over the past several months. And although I can't answer all of them, here's some quick answers to some of the more common ones. If you do have more questions, its usually best to post them in the comments here or in the microsoft.public.dotnet.security...
  • Blog Post: I'm Published!

    The November 2004 issue of MSDN magazine is available online now, and it includes the first article I've ever had published. I co-authored this month's Trustworthy Code article, Exchange Data More Securely with XML Digital Signatures and Encryption with Mike Downen, the CLR Security PM. Time to head...
  • Blog Post: .NET 1.0 SP 3 and .NET 1.1 SP 1 Released

    Today we pushed .NET 1.0 SP3 and .NET 1.1 SP1 onto Windows Update as a Critical Update. You can also download the service packs from the MSDN download center. Here's a brief review of what's new for security in each service pack: .NET 1.0 SP3 (v1.0.3705.6018) [ download | complete changelist ] 323683...
  • Blog Post: Using DecryptDocument with Super-Encrypted Data

    The EncryptedXml class comes with a nice utility method called DecryptDocument (For more information about using DecryptDocument check out my previous post introducing XML Encryption ). This method will decrypt all the EncryptedData elements it finds, assuming that it is able to figure out what key to...
  • Blog Post: Using the XSLT Transform with XML Signatures

    One of the transforms that ships with the .Net framework is the XmlDsigXsltTransform, which implements the XSLT transform specified in the W3C recommendation. A few people have asked me to write a bit on how to use this transform, so here's a brief explanation and some sample code. This transform basically...
  • Blog Post: xml:id and SignedXml

    A few weeks back, I posted about customizing how SignedXml searches for XML elements identified by a reference to an ID. By default, SignedXml searches for elements with an attribute named Id that has the given value. Recently, the W3C has come up with a working draft for xml:id version 1.0 . xml...
  • Blog Post: Using XPath to Sign Specific XML

    In my last posting , I promised to write about a more general purpose way of selecting specific XML to sign. Although the technique I presented in the last post will work, it requires a custom class derived from SignedXml, and will not work unless both the signer and the verifier have access to, and...
  • Blog Post: Searching for Custom ID Tags With Signed XML

    Last week, I blogged about using references to sign only specific parts of an XML document. The biggest limitation with doing this is that you must refer to the nodes that are being signed by ID, which for v1.1 and 1.0 of the framework was given by an attribute named "Id". The problem there is that the...
  • Blog Post: Signing Specific XML With References

    I've previously blogged about creating XML digital signatures using the .NET framework, but today I'd like to write about a more advanced technique using these signatures. My previous post signed an entire XML document, however, this is not always necessary or even desirable. For instance, if a particular...
  • Blog Post: What's New in XML For Whidbey

    The new XML Developer Center on MSDN has a nice article about the new XML features in Whidbey . The top 10 list is: Performance XPathEditableNavigator, an Updatable Cursor The XPathDocument as a Better DOM Easier XPath Queries with Namespaces Security The XQuery Language XmlReader...
  • Blog Post: Creating a SecurityElement from XML

    Most of the .NET security system can be serialized out to XML, and knows how to deserialize itself from an XML stream. This would seem to make it easy to create security objects (such as PermissionSet's) from XML documents, or maybe use an XPath query or XSLT transform on one of these objects. However...
  • Blog Post: Using XML Encryption With CipherReferences, Part 2 - Remote Data

    Earlier this week, I posted about using cipher references to refer to data stored in the same document. Today I'll use the same technique, but instead of storing the encrypted data elsewhere in the document, I'm going to store it on a seperate server. Of course, I'll be using the familiar order.xml sample...
  • Blog Post: Using XML Encryption With CipherReferences, Part 1 - Local Data

    Most users of encrypted XML will encrypt their data and embed the resulting cipher value directly into the EncryptedData element, using a CipherValue tag. However, XML encryption also supports the use of CipherReferences, which allow you to place the encrypted XML outside of the EncryptedData element...
  • Blog Post: More Secure XML Digital Signatures

    I've gotten some comments about my XML Digital Signatures entry, pointing out that since I chose to embed the signing key into the document, nothing is preventing anyone from simply removing the signature, modifying the document, and then resigning with their own key. This is true; in order to effectively...
  • Blog Post: Moving

    The GotDotNet blogs are being frozen, so I'll be moving my blog over to the ASP.Net site.  You can find the new location at http://blogs.msdn.com/shawnfa
  • Blog Post: XML Encryption in .Net

    One of the new features being introduced with the Whidbey version of the .Net framework is XML encryption. XML Encryption allows you to encrypt arbitrary data, and have the result be an XML element. Much as XML digital signatures are driven through the SignedXml class, this feature is driven through...
  • Blog Post: XML Digital Signatures in .Net

    The .Net framework has built in support for signing XML files with an XML digital signature. Here's a sample of how to create and verify an enveloped digital signature using these classes. There are three types of XML digital signatures: Enveloped - The signature is contained within the document...
Page 1 of 1 (19 items)