[xmlsec] Wrong key selection in simple keys store?
Rich Salz
rsalz at datapower.com
Sat Sep 13 13:45:38 PDT 2003
> And in general, I would not recommend to search for keys without specifying
> a unique key name. It sounds like a good way to get yourself in trouble.
Strongly agree. Unless the keystore has exactly one key, I think a name
(or some other identifying information) should be required.
Ambiguity in signing is a bad idea. :)
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
More information about the xmlsec
mailing list