180 Chapter 5 " XML Digital Signatures signature implementation. Consequently, it might not be universally available. Using XSLT to Transform Documents The XML XSLT processing language can also be applied as a transformation that is used for an XML digital signature. XSLT works by applying a style sheet to the XML node set. XSLT can actively change the data in the process; this differs from XPath, which can only block or allow a node, not change it in any way. XSLT is a powerful mechanism that can be used to perform elaborate manipulations of the nodes if desired. XSLT is an optional feature for a standards-conformant XML digital signature implementation, so it might not be universally available. Using Manifests to Manage Lists of Signed Elements Using the XML digital signature manifest mechanism, it is easy to manage lists of signed elements. This method is especially useful when there are multiple signers of long lists of elements. An XML digital signature that uses manifests signs both the manifest itself (i.e., the list) as well as the actual listed elements. Cautions and Pitfalls Some of the foundation components of XML digital signatures are in a state of flux, so be careful when listing these algorithms in any transformations for your signatures. Never confuse the message originator with the message sender. In order to reduce the problems in distinguishing who originated and signed the message versus who sent the message, be sure that the complete context of the information is provided within the signed body.This information could include such things as a timestamp, the recipients name, and references to information to provide a context for the message. www.syngress.com