Not sure there is enough context to answer the question here. Are you
talking about serialisation of nodes prior to encryption?
If so, then the reason the libraries (both of them) use c14n (and from
memory, exclusive c14n) is you need to serialise somehow, and this is a
nice, standard way to do it. By using C14n (and particularly exclusive)
you get over some problems with namespaces when decrypting and parsign
fragments of XML.
Cheers,
Berin
Venu K wrote:
---------- Forwarded message ----------
From: Venu K <[EMAIL PROTECTED]>
Date: Jul 15, 2005 1:39 PM
Subject: Encryption
To: security-dev@xml.apache.org
Hi ,
XML-SEC does c14 canonicalization by default even though w3c
encryption spec mentions same as optional. What is the rationale
behind this.
Any insights appreciated.
Thanks,
Venu
