|
|
|
|
|
|
by matja
27 days ago
|
|
|
> canonicality matters — for signatures, content-addressing, or any kind of “two implementations must agree on the bytes” property If you don't do this properly, you end up with things like:
- SAML XSW attack due to XML signature wrapping
- ASN.1 BER/DER signature forgery
- Bitcoin transaction malleability attacks |
|
|