Xoxa: a lightweight approach to normalizing and signing XML

Cryptographically signing XML, and normalizing it prior to signing, are forbiddingly intricate problems in the general case. This is largely because of the complexities of the XML Information Set. We can define a more aggressive normalization, which dispenses with distinctions and features which are unimportant in a large class of cases, and thus define a straightforwardly implementable and portable signature framework.