Secure XML: The New Syntax for Signatures and Encryption

E.4. Security and Canonicalization

Security is a subtle area. Some problems can be solved in a general way, and those solutions are typically incorporated into standard security syntaxes such as those for ASN.1 [RFC 2630] and XML [XMLDSIG, XMLENC]. With application-specific questions, and particularly questions of exactly what information you need to authenticate or encrypt, more complex solutions are needed.

Questions of exactly what needs to be secured and how to do so robustly are deeply entwined with canonicalization. They are somewhat different for authentication and encryption.

E.4.1. Canonicalization

Chapter 9 describes canonicalization as the transformation of the “significant” information in a message into a “standard” form, discarding ...

Get Secure XML: The New Syntax for Signatures and Encryption now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Secure XML: The New Syntax for Signatures and Encryption by Donald E. Eastlake, Kitty Niles

E.4. Security and Canonicalization

E.4.1. Canonicalization

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly