Article:		The xml:id Conundrum
Subject:		canonicalization
Date:		2005-03-11 18:01:29
From:		jimmy_z
No question about it. XML signing has design issues. The point of XML signing is to ensure the message comes from where it is supposed to come, the notion of signing the info set can be problematic because signing is for array of bytes Those various forms of same XML infoset in fact, should generate different hashes, because signing has little to do with infoset comparison, right?

Previous Message

Next Message