Is it possible to do XML signatures using the AES algorithm instead of RSA?
I don't think this makes a lot of sense. Are you saying to do something like AES-encrypt the SHA-1 message digest? That would be bad -- it would mean that every signed document is a adding to known-plaintext attacks against the AES key, for example.
Perhaps you want to use HMAC?
/r$-- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
