what does it mean in XML signature spec that ID is there because it can be more instances of element, but it can be only one element by SOAP message?
I have one more question regardles xml dig signature:
inside element we do hash calculation with and the result goes into , so why we need outside element to calculate signature again, wich result goes into ?
I have found out an answer on this second question: need to be signed because attacker cant change algoritms with weeker one.
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Participation.
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.