This document provides an overview of performance considerations relevant to XML Security, in particular demonstrated improvements to XML Canonicalization, XPath selection of material for signing, and XML Signature in 2.0.
The XML Signature signing process includes the selection of referenced material to be signed, canonicalization of the material and generation of a signature.
Significant performance improvements can be achieved by supporting streaming, reducing the memory needed especially for large documents.
Additional significant performance improvements can be achieved by removing the reliance on nodesets and instead working with subtrees (with possible subtree exclusions).
In addition to these two significant approaches which yield the largest benefits due to the architectural implications, the 2.0 specifications incorporate numerous additional changes with the intention of increasing simplicity and performance.