[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: KeyInfo in XML DSig
In response to the question raised regarding referencing certificates in the XML DSig KeyInfo element. This element does allow for X509 certificates to be referced or included in many ways, including by: a) giving a URI in RetrievalMethod b) including the certificate serial number in X509Data c) including the whole certificate in X509Data My preference would be (c) or if the full certificate was not included to save space then the certificate serial number (b). a) Is also possible as was suggested, this however, I feel gives more opportunity for certificate substitution. Hope this helps. Nick Pope Mob: +44 (0) 777 567 2590
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]