In a <dss:VerifyRequest> we need some disambiguation in the case of a
request carrying multiple
<dss:DocumentHash>, <dss:TransformedData> or a combination of those
having the same RefURI.
Although I have to admit that this is a corner case, it is not so
unlikely as Signatures created with SignedReferences allow to create
multiple <ds:References> from the same input document and hence they may
having the same URI.
Section 4.3 point 2. variant b. and also variant c. now ask to check the
matching <ds:Transforms> or the <ds:Transforms> and the
<ds:DigestMethod> to the <ds:References> inside the Signatures
However as the <ds:Transforms> and the <ds:DigestMethod> can be
arbitrarily complex like for example an XSLT <ds:Transform> bearing the
<xsl:sylesheet> directly, this can be very hard and expensive to do. It
might even out the usefulness of <dss:DocumentHash>,
<dss:TransformedData> for such cases.
The comparison could amount to context free extract of the
<ds:Transforms> and <ds:DigestMethod> elements and the need to
canonicalize them if a true matching as required in section 4.3 point 2
should be done.
A straight forward solution to get rid of this problems would be to
introduce an attribute called <xs:attribute name="WhichReference"
type="xs:integer" use="optional"/> that identifies a reference and is
required in the case of a supplied <dss:TransformedData> or
<dss:DocumentHash> and would allow to ignore the given <ds:Transforms>
or the <ds:Transforms> and the <ds:DigestMethod> respectively.