Peter Gutmann wrote: > Yup, see "Why XML Security is Broken", > http://www.cs.auckland.ac.nz/~pgut001/pubs/xmlsec.txt, for more on this.
Peter's shared earlier drafts with me, and we've exchanged email about this. The only complaint that has a factual basis is this: I don't want to have to implement XML processing to do XML Digital Signatures The others are just blowing smoke, or "proof by snarkiness." :) /r$ -- Rich Salz Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]