[xmlsec] Wrong key selection in simple keys store?
Rich Salz
rsalz@datapower.com
Sat, 13 Sep 2003 16:45:38 -0400 (EDT)
> And in general, I would not recommend to search for keys without specifying
> a unique key name. It sounds like a good way to get yourself in trouble.
Strongly agree. Unless the keystore has exactly one key, I think a name
(or some other identifying information) should be required.
Ambiguity in signing is a bad idea. :)
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html