https://sourceforge.net/p/openscoreformat/bugs/20/2009-07-08T10:29:13ZRecent changes to 20: Signed manifest.xml are invalid against schema2009-07-08T10:29:13Z2009-07-08T10:29:13ZMark Ollesonhttps://sourceforge.net/u/markolleson/https://sourceforge.nete4fd1c164ce7423f38398aebbb39f422a076299d

<div class="markdown_content"><p>The OSFPT, when signing packages, creates Manifest.xml documents which subsequently fail to validate against version 0.9.1 of the Manifest.xsd schema. </p> <p>This problem is caused a xs:keyref check between the ds:Reference URI (the URI for a signed asset) and the osfm:asset name attribute. The former is relative to the manifest whilst the latter is an absolute path from the package root. <br /> Version 1.0 of the manifest.xsd removes this check as the output of the .NET digital signature processor is legal and we will have to accept it. </p> <p>This does however suggest that the OSFPT doesn't validate it's own output when modifying XML documents. It is also a mystery how it then validates these instance documents open an unpack or validate operation. Perhaps it discards the ds:signature section?</p> <p>This needs investigation.</p></div>