1
Vote

Add XML signing/verification to the serialized expression trees.

description

The de/serialized expressions are foreign pieces of code and must be treated with extreme caution. The first line of defense I can think of is signing the XML documents with certificates that the executing site trusts.

On the other hand from an SoC point of view I feel like this is a feature that does not necessarily belong to the serializer... That's why I am not going to regard this issue with a high priority.

comments