- From: Rich Salz <rsalz@datapower.com>
- Date: Wed, 10 Mar 2004 10:14:56 -0500
- To: Anders Rundgren <anders.rundgren@telia.com>
- Cc: w3c-ietf-xmldsig@w3.org
> According to some users of XAdES, it is more secure > as you also sign the hash of the signer's certificate in > order to thwart changing this element. > > Any thoughts on why this presumably good solution > is not a part of XML Dsig? You can do this now, by adding a Reference that points to the cert and including the cert in the Signature. I don't think anything special is needed. /r$ -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
Received on Wednesday, 10 March 2004 10:03:32 UTC