Comment by mdaniel

Comment by mdaniel 6 hours ago

0 replies

View on Hacker News

> so the attacker can add arbitrary comments without messing up the signature.

Right, I believe you, but the original assertion was "change meaning of document" -- I can likely add arbitrary whitespace, too, under that same "tomato, tomahto" canonicalization path, but how do either of those two insertions benefit the attacker by changing the meaning of the document?