[Bulk] Re: [xmlsec] Verify - OpenSSL vs mscrypto

Aleksey Sanin aleksey at aleksey.com
Wed Jan 11 11:10:29 PST 2006


> The xmlSecDSigCtxVerify function does NOT presently trigger the checking of
> the cert chain when using mscrypto. It does when using openssl. This is an
> API inconsistency at the xmlsec level. So if xmlSecDSigCtxVerify doesn't
> trigger the checking, what mscrypto function does ? Is it even supported ?
> 
I am not sure I understand this. I do believe that the xmlsec-mscrypto
code *does* build the chain and it *does* verify it against the
"trusted" certificates installed by the app.

With Dmitry's patch, xmlsec-mscrypto *also* uses trusted certificates
from the MSCrypto certificates store.

Aleksey




More information about the xmlsec mailing list