You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Monica Lau <ml...@yahoo.com> on 2004/10/13 05:07:16 UTC
Newbie question on HMAC signature
Hi,
I'm signing an xml document using hmac-sha1. I was just wondering what do people normally fill in for the <keyinfo> element? I assume that you don't incorporate this <keyinfo> element into the document because you can't/shouldn't store the secret in it. Or is there some way to incorporate this information in the xml document without compromising security? I don't believe so, but I'm fairly new to security...
Thanks for your help,
Monica
---------------------------------
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.