[xmlsec] Verify XML signature with multiple KeyName
Paolo Smiraglia
paolo.smiraglia at gmail.com
Fri Jun 29 10:37:33 PDT 2018
On Fri, 29 Jun 2018 at 17:38, Leif Johansson <leifj at mnt.se> wrote:
> My guess is that Scott just tries to iterate over all possible
> combinations... Is this a key rollover situation btw?
No. The double KeyName is because the tool that I used to sign the
metadata (samlsign) iterated over all the subjectAlternativeName.
After some experiment I obtained that a KeyName is added for each
subjectAlternativeName.
> What saml profile is this trying to comply with? Is it perhaps eIDAS?
More or less. It is SPID, the Italian federation.
--
PAOLO SMIRAGLIA
More information about the xmlsec
mailing list