Michael Bell wrote: > > Hi, > > sometime ago I ask what we should sign (only the header or the body [...] > subject or the alternative name etc..
I think that the header's information could be subject to change or, let's
say, integration (like adding some missing information). The header was
introduced to simplify this and having the ability to record data not
strictly related to the request (subject).
Indeed I understand your point but I would recommend to sign only what is
really needed to be signed thus signing only the body.
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] madwolf at cpan.org
madwolf at openca.org
http://www.openca.org madwolf at hackmasters.net
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
smime.p7s
Description: S/MIME Cryptographic Signature
