Open Score Format

The OSFPT, when signing packages, creates Manifest.xml documents which
subsequently fail to validate against version 0.9.1 of the Manifest.xsd
schema.


This problem is caused a xs:keyref check between the ds:Reference URI (the
URI for a signed asset) and the osfm:asset name attribute. The former is
relative to the manifest whilst the latter is an absolute path from the
package root.
Version 1.0 of the manifest.xsd removes this check as the output of the
.NET digital signature processor is legal and we will have to accept it.

This does however suggest that the OSFPT doesn't validate it's own output
when modifying XML documents. It is also a mystery how it then validates
these instance documents open an unpack or validate operation. Perhaps it
discards the ds:signature section?

This needs investigation.