[xmlsec] KeyName

Aleksey Sanin aleksey at aleksey.com
Mon Apr 14 08:19:13 PDT 2003


Key name is a unique application specific string that identifies a key.
There is no rule that tells you how you should name keys and you may
decide to just not do it. However, if you are not using 
<dsig:RetrievalMethod/>,
X509 certificates, PGP or something else then the key name is the only
way to point the other person to the key used for encryption or signature
(of course, ignoring the fact that you might have one and only one key
once and forever but probably it's a corner case :) ).
IMHO, it's a good practice to use key names when possible. At the end,
it saves your time for debugging. In xmlsec you can set/get names
using xmlSecKeySetName/xmlSecKeyGetName functions. The key name
is written to <dsig:KeyName/> element (if it is present in the template).

Aleksey



Slava Kostin wrote:

>Hello Aleksey,
>
>While learning your examples I have noticed that every example
>contains function xmlSecKeySetName. Please explain for what reason it
>is necessary to assing a name to the key and how to assign names
>correctly? In which standard I can find a description of such process?
>Thank you.
>
>  
>




More information about the xmlsec mailing list