Xoxa: a lightweight approach to normalizing and signing XML
This addresses the intricate challenges of XML signing for developers and users in data security applications, but it is incremental as it builds on existing normalization approaches.
The paper tackles the complex problem of cryptographically signing XML by proposing a more aggressive normalization that simplifies the process, resulting in a straightforwardly implementable and portable signature framework.
Cryptographically signing XML, and normalizing it prior to signing, are forbiddingly intricate problems in the general case. This is largely because of the complexities of the XML Information Set. We can define a more aggressive normalization, which dispenses with distinctions and features which are unimportant in a large class of cases, and thus define a straightforwardly implementable and portable signature framework.