[xmlsec] [Q.] verification fail (can not find <KeyInfo>)

Aleksey Sanin aleksey at aleksey.com
Tue Jan 7 01:20:28 PST 2003

As far as I can understand the spec,

Type="http://www.w3.org/2000/09/xmldsig#RSAKeyValue" .../>

should point to <dsig:RSAKeyValue/> element. In your XML it points to 
element which seems wrong to me. I would agree that the XML DSig is not 
fully clear
here but I believe there was a disussion in XML DSig working group 
mailing list about this.
However, I might be wrong and it'll be great to get second opinion on 
this. Rich?


EGB:STONEROSES at MATRIX (Blusjune Jung / Daum.net) wrote:

>Hi, aleksey ~   :)
>At first, really thank you for your good ``xmlsec'' library!!!
>I have one curious question.. ^^
>Would you explain the reason of the following result?
>By use of xml.apache.org XML library,
>my partner (in my XML team) has created XML-signed message
>which uses <RetrievalMethod> to get the public key to verify.
>I've got that message and tried to verify it,
>but the result of operation is "fail".
>What's my or my partner's mistake?
>How can I solve this problem?
>Thank you for your reading!  ^^
>The following is XML-signed message (to be verified):

More information about the xmlsec mailing list