[xmlsec] xmlsec-mscrypto code review (patch #2)
wsh at xs4all.nl
Mon Sep 22 13:06:05 PDT 2003
> 4) xmlSecMSCryptoKeysStoreFindKey
> Do we want to put key in simple keys store if we found it in the
> MSCrypto store?
> It does not like ok to me because a server app might run for a long
> time. If some
> key was compromised and revoked from MSCrypto store then the
> cached copy
> in simple
> keys store would still be alive.
You're right here. I look at this from a client approach, and regarded
the simple keys store as a temporarily cache. You definitly don't want
to simulate some certificate manager type of manager here, so I think we
better remove to part where the key is added to the simple key store.
More information about the xmlsec