> Any help or tips would be *much* appreciated. First tip is that posting signed XML in email won't help with debugging it, it's already trashed at that point. Every character of whitespace matters.
The general answer is that you need to obtain the digested octets on *both* ends to compare them. You may find this helpful: https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManSigErrors Either the signer is buggy or you've corrupted the XML in transit, but the only way to know is to compare the bits after c14n. -- Scott
