What is different about forming the string to sign for signature version 2 (inbound and outbound)?
• Additional components of the request are included in the string to sign (HTTP method – GET\POST, Server URL endpoint). • The query string control parameters (the equal sign and ampersand) are included in the string to sign. • The query string parameters are sorted using byte ordering. • The query string parameters and their values are URL encoded before signing the request. • Why does Amazon Web Services use asymmetric instead of symmetric keys to compute the signature for outbound notifications? Signature computation for outbound notifications on the AWS end and signature validation on your end using symmetric keys becomes cumbersome and indeterministic by the introduction of AWS access key rotation (refer to https://aws-portal.amazon.com/gp/aws/developer/account/index.html?ie=UTF8&action=access-key for more details). Asymmetric key based signing will become an AWS wide standard for outbound notifications.
Related Questions
- How is the new signature algorithm different from the existing one for outbound notifications (CBUIAmazon Simple Pay return URLs and IPNs)?
- Where can I find a User Agent string example if I recorded using a different version of IE.x?
- How is the new signature algorithm different from the existing one for inbound API requests?
