Business scenario:
- An update may contain packages.
- The package may contain changes.
- Each package must be approved by someone.
- Once approved, the package cannot be modified.
To be completed, the upgrade must have 100% approved packages.
Reflections on development:
- All data is saved as XML files.
- Xml "Package" elements will be signed after approval.
Problem:
No matter what I try and google, all examples are always associated with signing the whole document or signing sub-elements with the same key for the entire document. But I would like to sign each sub-element (Package) with a different key, the key to whoever approves the package. Therefore, I need one signature for each item. Although all the features of the .NET Framework seem to support this, I get weird behavior. For example, when signing elements, you need to specify the element URI. If I pass the same identifier to all packages, it checks if I give a different identifier to each element and refer to this identifier in its respective signatures, I can only check the first one. The idea of ββan ID does not make sense for my scenario, because I have a signature with my element in a 1: 1 ratio.
, , , - ? , , , , . - - , ? - , , ?