|
|
|
|
|
|
by jf
702 days ago
|
|
|
Try implementing XMLDsig yourself and you'll quickly learn how awful it is. Aside from the other comments mentioned in these replies, one of the horrible things about XMLDsig is that it requires you to mutate ("canonicalize") the XML that is to be signed. Then, the signature is injected into the document that was signed ... to be removed by the verifier before it has to canonicalize the document, etc, etc |
|
|