2.9. Canonicalization

Canonicalization is a critical aspect of digital signatures and verification. It also has limited applicability to encryption.

To be useful, signatures (and message authentication codes, if appropriate) must be secure and robust. For the signature to be secure, any “significant” change in the signed data or the signature must cause the signature to fail. For the signature to be robust, any “insignificant” change in the signed data, or the signature itself, must not cause the signature to fail. Any change allowed by normal receipt, storage, and/or transmission of the message should be considered insignificant and should not be covered by the signature. Figuring out exactly what is significant for signature purposes can prove ...
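The secure/robust distinction above, shown as an added example that is not from the book: it uses HMAC-SHA256 as a stand-in for a full XML signature and the Python standard library's C14N 2.0 `canonicalize`. The key and the three documents are constructed samples.

```python
import hashlib
import hmac
from xml.etree.ElementTree import canonicalize

KEY = b"constructed-demo-key"  # constructed sample key (assumption)

# Constructed sample document as the signer serialized it.
SIGNED = b'<order id="7" currency="USD"><item qty="2">widget</item><note/></order>'
# Insignificant change: attribute order, quote style, whitespace inside tags
# and the empty-element form differ, as can happen in storage or transmission.
RESERIALIZED = (b"<order currency='USD'  id='7'>"
                b"<item qty='2' >widget</item><note></note></order>")
# Significant change: the quantity attribute has been altered.
TAMPERED = b'<order id="7" currency="USD"><item qty="20">widget</item><note/></order>'


def mac_raw(doc: bytes) -> str:
    """MAC over the exact bytes received: secure, but not robust."""
    return hmac.new(KEY, doc, hashlib.sha256).hexdigest()


def mac_canonical(doc: bytes) -> str:
    """MAC over the canonical form: insignificant variation is normalized away."""
    canon = canonicalize(xml_data=doc.decode("utf-8"))
    return hmac.new(KEY, canon.encode("utf-8"), hashlib.sha256).hexdigest()


def verify(doc: bytes, tag: str, mac_fn) -> bool:
    """Recompute the MAC with mac_fn and compare in constant time."""
    return hmac.compare_digest(mac_fn(doc), tag)


if __name__ == "__main__":
    raw_tag = mac_raw(SIGNED)
    canon_tag = mac_canonical(SIGNED)
    for name, doc in (("reserialized", RESERIALIZED), ("tampered", TAMPERED)):
        print(name,
              "raw:", verify(doc, raw_tag, mac_raw),
              "canonical:", verify(doc, canon_tag, mac_canonical))
```

Only the canonical variant accepts the reserialized document, and both variants reject the tampered one.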

Get Secure XML: The New Syntax for Signatures and Encryption now with the O’Reilly learning platform.
