santuario-dev mailing list archives

From "Scott Cantor" <>
Subject RE: Signing just one of the elements in a DOMDocument
Date Wed, 01 Aug 2007 23:04:45 GMT
> If I'm verifying the KeyInfo Certificate versus the signature:
>         KeyInfo ki = signature.getKeyInfo();
>         X509Certificate cert = ki.getX509Certificate();
>         boolean good = signature.checkSignatureValue(cert);
> and verifying that the key is good and is from someone I trust?

Yes, exactly. You don't show that last step in your code, and the reason is
that it's incredibly complicated. So you shouldn't be terribly surprised
that people don't understand that step or that they omit it.

What you're describing is not what I would characterize as "relying" on
KeyInfo. It's semantics.

> Not all deployments of signatures are going to use a keyring of trusted
> parties.  In fact any formal use (institutional, enterprise) of
> signatures is virtually guaranteed NOT to.

Not all deployments can get away with a single static trust list either, but
that's by far the most common "solution" to the part of the algorithm you
don't show above.

-- Scott

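The trust step the reply says is missing from the quoted snippet, as an added illustration that is not code from this thread or from Santuario itself: it assumes a `KeyStore` holding the deployment's trusted CA certificates (the "trust list" Scott mentions) and uses the Santuario `XMLSignature`/`KeyInfo` calls the quoted code already relies on.

```java
import java.security.KeyStore;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.Collections;

import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.signature.XMLSignature;

/** Accepts an XMLSignature only if its KeyInfo certificate chains to a configured trust anchor. */
public final class TrustedSignatureCheck {

    // Assumed: a keystore whose trusted-certificate entries are the CAs this deployment trusts.
    private final KeyStore trustAnchors;

    public TrustedSignatureCheck(KeyStore trustAnchors) {
        this.trustAnchors = trustAnchors;
    }

    public boolean verify(XMLSignature signature) throws Exception {
        KeyInfo ki = signature.getKeyInfo();
        if (ki == null) {
            return false; // no key material at all, so nothing to trust
        }
        X509Certificate cert = ki.getX509Certificate();
        if (cert == null) {
            return false;
        }
        // Step 1: decide whether this certificate is one we trust, independently of the
        // signature bytes. A signature that matches its own embedded cert proves only that
        // whoever built the message also held the matching private key.
        if (!chainsToTrustAnchor(cert)) {
            return false;
        }
        // Step 2: only now check the signature value against the trusted key.
        return signature.checkSignatureValue(cert);
    }

    private boolean chainsToTrustAnchor(X509Certificate cert) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        // Single-element path: the end-entity cert must be issued directly by an anchor.
        // If KeyInfo also carries intermediates, add them to this list in order.
        CertPath path = cf.generateCertPath(Collections.singletonList(cert));
        PKIXParameters params = new PKIXParameters(trustAnchors);
        params.setRevocationEnabled(false); // illustration only; supply CRL/OCSP data in production
        try {
            CertPathValidator.getInstance("PKIX").validate(path, params);
            return true;
        } catch (CertPathValidatorException e) {
            return false;
        }
    }
}
```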