[xmlsec] Re: FW: X509SerialNumber

Aleksey Sanin aleksey at aleksey.com
Thu Sep 2 09:56:32 PDT 2004

No, I think you are mistaken. "Issuer serial" is the serial number
of this certificate and it is unique for all certificates from this
issuer. Thus the certificate can be identified by the issuer name
and the "issuer serial number" of the certificate.


Wes Thomas wrote:
> Does the X509SerialNumber node within the X509IssuerSerial node, *NOT* refer
> to the serial number for the issuer certificate?
> <X509IssuerSerial> 
> 	<X509IssuerName>My CA for Certificate A</X509IssuerName>
> 	<X509SerialNumber>12345678</X509SerialNumber>
> </X509IssuerSerial>
> The way I read
> http://www.w3.org/TR/2000/WD-xmldsig-core-20000510/#sec-X509Data and the
> example they give (listed above), the X509SerialNumber should contain the
> issuer's serial number, NOT the serial number of the certificate used for
> signing. Is this correct? 

More information about the xmlsec mailing list