I am adding security to my web service and chose to sign the Timestamp
and Token
.
While reading docs I found a lot of examples where they sign the Body
of the SOAP
message.
My question is: what is best to sign?
From what I understand signing the Body
could lead to performance issues if the Body
is pretty large.
Thanks.