XML::Sig is a perl module to sign and verify XML Digital Signatures
This is a fairly minor release that addresses some test failures caused by the OpenSSL project choosing to "not load” the Legacy provider by default in version 3.
This effectively drops support for a number of very old and broken algorithms (at least by default) and that is a very good thing despite the negative impact on their users.
It does however make one wonder if it is not time for the XML Security Working Group to spin up and update the specifications for the changes from the last ten years.
Top comments (0)