c14n methods #20
Description
Relaying this here for Mads, who had this to say after the MDS changed to using pyFF/pyXMLSecurity:
Is there a reason we should know for using a non-exclusive canonicalization method for the
SignedInfo, but an exclusive one for the transform of the referenced document?
The metadata spec says: "SAML implementations SHOULD use Exclusive Canonicalization, with or without comments, both in the<ds:CanonicalizationMethod>element of<ds:SignedInfo>, and as a<ds:Transform>..."