[xmlsec] xmlsec and performing canonicalization by default

Shlomo Yona S.Yona at F5.com
Thu Apr 23 02:12:39 PDT 2009


It seems that xmlsec performs canonicalization (c14n) by default when verifying signatures even when the input message contains no transform element (dsig spec doesn't require a transform element).


Is this behavior intentional?

Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20090423/5e8f054d/attachment.htm

More information about the xmlsec mailing list