[xmlsec] xmlsec-mscrypto code review (patch #2)

Wouter wsh at xs4all.nl
Mon Sep 22 13:06:05 PDT 2003

> 4) xmlSecMSCryptoKeysStoreFindKey
> Do we want to put key in simple keys store if we found it in the 
> MSCrypto store?
> It does not like ok to me because a server app might run for a long 
> time. If some
> key was compromised and revoked from MSCrypto store then the 
> cached copy 
> in simple
> keys store would still be alive.

You're right here. I look at this from a client approach, and regarded
the simple keys store as a temporarily cache. You definitly don't want
to simulate some certificate manager type of manager here, so I think we
better remove to part where the key is added to the simple key store.

More information about the xmlsec mailing list