On 13/09/18 19:54, Gordon Sim wrote:
On 13/09/18 19:40, Chuck Rolke wrote:
I'd put the signature in part of the 'bare message', such as
application properties, which passes from sender to receiver unmodified.
That would require the signature to be in the bytes the signature signs.
I should clarify, the above is assuming that the signature is of the
entire bare message. If instead it was just of the body, then the
problem above can be ignored.
(And if it is the bare message, that has further implications on the
API, since you need the encoded form of the bare message in order to
generate the signature).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@qpid.apache.org
For additional commands, e-mail: users-h...@qpid.apache.org