Return-Path: 
 <security-dev-return-5949-apmail-xml-security-dev-archive=xml.apache.org@xml.apache.org>
Delivered-To: apmail-xml-security-dev-archive@www.apache.org
Received: (qmail 80410 invoked from network); 5 Apr 2007 15:44:24 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 5 Apr 2007 15:44:24 -0000
Received: (qmail 79752 invoked by uid 500); 5 Apr 2007 15:44:30 -0000
Delivered-To: apmail-xml-security-dev-archive@xml.apache.org
Received: (qmail 79733 invoked by uid 500); 5 Apr 2007 15:44:30 -0000
Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:security-dev@xml.apache.org>
List-Help: <mailto:security-dev-help@xml.apache.org>
List-Unsubscribe: <mailto:security-dev-unsubscribe@xml.apache.org>
Reply-To: security-dev@xml.apache.org
List-Id: <security-dev.xml.apache.org>
Delivered-To: mailing list security-dev@xml.apache.org
Received: (qmail 79720 invoked by uid 99); 5 Apr 2007 15:44:30 -0000
Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 05 Apr 2007 08:44:29 -0700
X-ASF-Spam-Status: No, hits=1.4 required=10.0
	tests=MSGID_MULTIPLE_AT
X-Spam-Check-By: apache.org
Received-SPF: pass (herse.apache.org: local policy)
Received: from [128.146.216.133] (HELO defang19.it.ohio-state.edu)
 (128.146.216.133)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 05 Apr 2007 08:44:22 -0700
Received: from bytor (dhcp-128-146-242-204.it.ohio-state.edu
 [128.146.242.204])
	by defang19.it.ohio-state.edu (8.13.7/8.13.1) with ESMTP id l35Fi0jd015168
	for <security-dev@xml.apache.org>; Thu, 5 Apr 2007 11:44:00 -0400
From: "Scott Cantor" <cantor.2@osu.edu>
To: <security-dev@xml.apache.org>
References: <46141E76.1040100@toltech.net>
 <000001c7770d$c9e867c0$5db93740$%2@osu.edu> <46151631.7000106@toltech.net>
In-Reply-To: <46151631.7000106@toltech.net>
Subject: RE: Standard for embedding KeyInfo
Date: Thu, 5 Apr 2007 11:44:03 -0400
Organization: The Ohio State University
Message-ID: <001601c77799$3cd433f0$b67c9bd0$@2@osu.edu>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-index: Acd3l4bggaiBp/TSTvuBuL1HgRTAhgAAUNUg
Content-Language: en-us
X-Spam-Score: 1.40 (*) [Tag at 10.00] MSGID_MULTIPLE_AT
X-CanItPRO-Stream: outbound
X-Canit-Stats-ID: Bayes signature not available
X-Scanned-By: CanIt (www . roaringpenguin . com) on 128.146.216.12
X-Virus-Checked: Checked by ClamAV on apache.org

> By this do you mean embedding the certificate in the signature?  If so,
> this sounds like it would work best for us.  Do you have any sample code
> that does this?

I wrap KeyInfo myself now, I don't use this library directly for that part,
it's not as powerful as my code. My old code used it, you can look at:

http://tinyurl.com/2pzlpp

Look at the sign() method.

-- Scott