You can select the canonicalization algorithm to be used for a document from the dialog box that is displayed by using the Canonicalize action that is available from the Source submenu when invoking the contextual menu in Text mode or from the Tools menu.
Figure: Canonicalization Settings Dialog Box
You can set the following:
- Input URL - Available if the Canonicalize action was selected from the Tools menu. It allows you to specify the location of the input file.
- Exclusive - If selected, the exclusive (uncommented)
canonicalization method is used.Note: Exclusive Canonicalization just copies the namespaces you are actually using (the ones that are a part of the XML syntax). It does not look into attribute values or element content, so the namespace declarations required to process these are not copied. This is useful if you have a signed XML document that you want to insert into other XML documents (or you need self-signed structures that support placement within different XML contexts), as it will ensure the signature is verified correctly each time.
- Exclusive with comments - If selected, the exclusive with comments canonicalization method is used.
- Inclusive - If selected, the inclusive (uncommented)
canonicalization method is used.Note: Inclusive Canonicalization copies all the declarations, even if they are defined outside of the scope of the signature, and all the declarations you might use will be unambiguously specified. Inclusive Canonicalization is useful when it is less likely that the signed data will be inserted in other XML document and it is the safer method from the security perspective because it requires no knowledge of the data that are to be secured in order to safely sign them. A problem may occur if the signed document is moved into another XML document that has other declarations because the Inclusive Canonicalization will copy them and the signature will be invalid.
- Inclusive with comments - If selected, the inclusive with comments canonicalization method is used.
- XPath - The XPath expression provides the fragments of the XML document to be signed.
- Output - Available if the Canonicalize action was selected from the Tools menu. It allows you to specify the output file path where the signed XML document will be saved.
- Open in editor - If checked, the output file will be opened in the editor.