XML encryption standard hack

I started writing a post about the XML encryption hack, but in the course of researching the topic I came across this great post by Matthew Green on his "A Few Thoughts on Cryptographic Engineering" blog. Matthew's post covers pretty much everything I wanted to say and more - so I'll forgo my post and let you read all about it there.