|
|
|
|
|
|
by monocasa
494 days ago
|
|
|
I really wish that XMLDSig wasn't such an awful standard that it turned a good third of the security industry against canonicalization in general. Saying there's "sure there's lots of ways to serialize, but these specific rules get you the same octet and you sign that" is key to sanity in such situations. For all of ASN.1's many sins, they got that part absolutely right. |
|
|