Content Extraction Signatures using XML Digital Signatures and Custom Transforms On-Demand

In this paper we describe our work in developing custom transform algorithms to expand the functionality of an XML Signature to include Content Extraction Signature functionality. This functionality includes extraction policy verification into the XML Signature Core Validation. Also included is a custom revocation mechanism. We also describe our implementation for non-XML content where the custom transforms are dynamically loaded demonstrating that custom signing and verification is not constrained to a 'closed system'. Through the use of dynamic loading we show that a verifier can still verify a custom XML Signature compliant signature even though a custom signature was produced.