[xmlsec] Wrong key selection in simple keys store?

Rich Salz rsalz@datapower.com
Sat, 13 Sep 2003 16:45:38 -0400 (EDT)


> And in general, I would not recommend to search for keys without specifying
> a unique key name. It sounds like a good way to get yourself in trouble.

Strongly agree.  Unless the keystore has exactly one key, I think a name
(or some other identifying information) should be required.

Ambiguity in signing is a bad idea. :)
	/r$

--
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html