santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cláudio Engelsdorff Avila <>
Subject Re: Need lots of help - Validating Signed XML files
Date Thu, 06 Apr 2006 13:17:40 GMT
Yeah it helped for me to see that i'm on the right path.

But i'm stil having some problems trying to open revocation lists and so 
I got my chain and revocations lists from this URL 

If someone could enlighten me.

Thanks in advance.

Milan Tomic <> 
05/04/2006 04:36
Please respond to


Re: Need lots of help - Validating Signed XML files

Take a look at this article:

Hope it helps,

--- Cl�udio Engelsdorff Avila <> wrote:

> I'm developing an application that signs and validate xml files using 
> apache xml security library.
> To sign a file is easy, but the validation part is becoming a real 
> for me.
> I've been able to validate te signature itself, and its expiration 
> but i need more than just that. I need to validate the certification 
> and rcl files as well.
> To be honest I could find some examples to validate the chain, but I 
> understand how the certification chain really works.
> If you guys could give me some steps to follow would be very nice. My 
> deadline is coming and i still have some pieces to put together.
> My goals are:
> - Assure that the certicate used was an end user certificate and not 
> a certification authority; (Didn't find nothing about this kind of 
> validation)
> - Adopt rules defined by RFC 3280 for RCL and chain of trust 
> (certification chain); (Completely lost on this one)
> - Verify if the revogation and chain lists are up to date; (Didn't get 
> that far on my research)
> - Validate the key type used accept only keys type A; (I didn't find 
> anything about this types only when you pucharse your key you choose 
> kind of things, at least here on brazil.)
> Thanks in advance.

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

View raw message