From 80b1e6a46df84916ba8a6532af49481cbf345c47 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Mon, 22 Jan 2007 15:44:49 +0000
Subject: Footnote

svn path=/scripts/xmlsec-demo.sh; revision=472
---
 scripts/xmlsec-demo.sh | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'scripts/xmlsec-demo.sh')

diff --git a/scripts/xmlsec-demo.sh b/scripts/xmlsec-demo.sh
index b27ad217..dde26db3 100755
--- a/scripts/xmlsec-demo.sh
+++ b/scripts/xmlsec-demo.sh
@@ -9,6 +9,10 @@
 # Basic idea of the demo is to create a four level deep cert chain,
 # use that to sign an XML document, then demonstrate that it verifies.
 
+# Subsequent discussion on the mailing list concluded that xmlsec (the
+# protocol, not just this particular implementation) is hopelessly
+# broken and that we should just use CMS (aka PKCS#7 ng).  Done.
+
 set -xe
 
 : ${input=input.xml} ${unsigned=unsigned.xml} ${signed=signed.xml}
-- 
cgit v1.2.3