Looking at the signing of ebXML CPA's we came across two issues we think
need to be fixed in the next ebXML CPPA spec.
Section 220.127.116.11 Signature Generation
There is a list with 4 items. The last item (line 3144) tells to add the
Signature following the last PartyInfo. That is not correct. The CPPA
XML Schema defines to add Signatures after the Packaging and before the
Samples in the ebCPPA spefication version 2.0 that show elements from
the Digital Signature namespace have prefixes for the attributes. XML
Schema validating  a CPA that is signed and has attributes of the
digital signature namespace being prefixed fails. The Digital Signature
XML Schema does not include a "attributeFormDefault" attribute which
implies that the attributes must not be prefixed. So we think all the
samples in the CPA that show ds:Reference elements etc are not valid.
Digitally signed ebXML Messages also do not have the prefixes for the
Digital Signature namespaced elements attributes.