[xmlsec] [Q.] verification fail (can not find <KeyInfo>)
Aleksey Sanin
aleksey@aleksey.com
Tue, 07 Jan 2003 01:20:28 -0800
As far as I can understand the spec,
<dsig:RetrievalMethod
Type="http://www.w3.org/2000/09/xmldsig#RSAKeyValue" .../>
should point to <dsig:RSAKeyValue/> element. In your XML it points to
<dsig:KeyInfo/>
element which seems wrong to me. I would agree that the XML DSig is not
fully clear
here but I believe there was a disussion in XML DSig working group
mailing list about this.
However, I might be wrong and it'll be great to get second opinion on
this. Rich?
Aleksey
EGB:STONEROSES@MATRIX (Blusjune Jung / Daum.net) wrote:
>Hi, aleksey ~ :)
>
>At first, really thank you for your good ``xmlsec'' library!!!
>
>I have one curious question.. ^^
>Would you explain the reason of the following result?
>
>By use of xml.apache.org XML library,
>my partner (in my XML team) has created XML-signed message
>which uses <RetrievalMethod> to get the public key to verify.
>
>I've got that message and tried to verify it,
>but the result of operation is "fail".
>
>What's my or my partner's mistake?
>How can I solve this problem?
>Thank you for your reading! ^^
>
>
>
>The following is XML-signed message (to be verified):
>=
>