The following PIDF-LO document has been signed using the filter.
<presence xmlns="urn:ietf:params:xml:ns:pidf" xmlns:gml="http://opengis.net/gml" xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10" entity="pres:user@example.com"> <tuple > <status> <gp:geopriv> <gp:location-info> <gml:Point srsName="urn:ogc:def:crs:EPSG::4326"> <gml:pos>-43.5723 153.21760</gml:pos> </gml:Point> </gp:location-info> <gp:usage-rules> <gp:retransmission-allowed>no</gp:retransmission-allowed> <gp:retention-expiry> 2006 - 06-16T10:06:46.387 + 10:00 </gp:retention-expiry> </gp:usage-rules> </gp:geopriv> </status> <da:domain-auth xmlns:da="http://sitacs.uow.edu.au/ns/location/held/domain-auth" expires="2006-06-15T01:18:14.235Z"> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI=""> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://sitacs.uow.edu.au/ns/location/held/domain-auth#PIDF-LO"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>fadt8IZIlnHZzUX50L3v5JCF/tY=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue> ESnPq7L4GwFFXwYox0+QlvsNsu+4afu0mGmd45N7jhBwx8i3NGZpphepDeUjEIG07Ub0GkkjN5X/ X2nXeCCv5w== </ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> MIICHjCCAcgCBESQpzcwDQYJKoZIhvcNAQEEBQAwgZgxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNO U1cxEzARBgNVBAcTCldvbGxvbmdvbmcxDzANBgNVBAoTBkFuZHJldzEuMCwGA1UECxMlQW5kcmV3 IE5ldHdvcmsgU29sdXRpb25zIEFzaWEtUGFjaWZpYzElMCMGA1UEAxMcRG9tYWluIEF1dGhvcml6 YXRpb24gRXhhbXBsZTAeFw0wNjA2MTUwMDE3NTlaFw0wNjA5MTMwMDE3NTlaMIGYMQswCQYDVQQG EwJBVTEMMAoGA1UECBMDTlNXMRMwEQYDVQQHEwpXb2xsb25nb25nMQ8wDQYDVQQKEwZBbmRyZXcx LjAsBgNVBAsTJUFuZHJldyBOZXR3b3JrIFNvbHV0aW9ucyBBc2lhLVBhY2lmaWMxJTAjBgNVBAMT HERvbWFpbiBBdXRob3JpemF0aW9uIEV4YW1wbGUwWzANBgkqhkiG9w0BAQEFAANKADBHAkB1nljj c0ctJbuqRe9SZf4jXcdmD7lzBeS15fBIysEqYQYUvXdvZvNvdhcwu2yiixzruIEad3DyBfaQATI4 TAGRAgMBAAEwDQYJKoZIhvcNAQEEBQADQQBbbBAIKD8qlR+hK8POk3p6WBLjTHBT5GlJAg1XIyaS 1hziF6T5hSWmE+GYgWnmUYUQ5PCUkn29Zsg+b1K3SSmq </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> </da:domain-auth> <note> This note may be changed without affecting the signature. </note> <timestamp>2006-06-15T10:06:46.387+10:00</timestamp> </tuple> </presence>
Several elements are included in the preceding example that are not covered by the signature because of the transform, in particular usage-rules and note-well elements. The transform removes these supplementary elements, resulting in the following PIDF-LO, which only includes the signed elements (whitespace has been added for readability).
<presence xmlns="urn:ietf:params:xml:ns:pidf" xmlns:gml="http://opengis.net/gml" xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10" entity="pres:user@example.com"> <tuple > <status> <gp:geopriv> <gp:location-info> <gml:Point srsName = "urn:ogc:def:crs:EPSG::4326"> <gml:pos>-43.5723 153.21760</gml:pos> </gml:Point> </gp:location-info> <gp:usage-rules></gp:usage-rules> </gp:geopriv> </status> <da:domain-auth xmlns:da="http://sitacs.uow.edu.au/ns/location/held/domain-auth" expires="2006-06-15T01:18:14.235Z"> </da:domain-auth> <timestamp>2006-06-15T10:06:46.387+10:00</timestamp> </tuple> </presence>