Hi,
I'm signing an xml document using hmac-sha1. I was just wondering what do people normally fill in for the <keyinfo> element? I assume that you don't incorporate this <keyinfo> element into the document because you can't/shouldn't store the secret in it. Or is there some way to incorporate this information in the xml document without compromising security? I don't believe so, but I'm fairly new to security...
Thanks for your help,
Monica
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
