[xmlsec] X509, verification of signature

Aleksey Sanin aleksey at aleksey.com
Fri Mar 18 14:53:03 PST 2005

In theory, both xmlsec and phaos implement the same W3C xmldsig,
c14n, ... specs. And (in theory) there should be no problems like
this because all implementations should do the same thing.

However, in reality the specs are really complex and sometimes
problems like this show up. Unfortunately, for debugging this
particular problem one needs to have both implementations and I
can not help you much because I don't have Phaos code. If it
would be found that xmlsec is doing wrong thing (according to
W3C specs) then I would be more than happy to fix it in xmlsec.


Highdone Trias wrote:
> That's fine.
> I am not sure, but maybe this question will be dependant on the signed 
> document that I gave to you...
> Is there any way I can tweak XMLSec to match Phaos's standards, in signing 
> and verifying the xml document? 
> Thanks in advanced.
> Highdone Trias
> Advent Resources, Inc.
> www.adventresources.com
> 310.241.1500x2214
> ---------- Original Message -----------
> From: Rich Salz <rsalz at datapower.com>
> To: Highdone Trias <highdonet at adventresources.com>
> Cc: Aleksey Sanin <aleksey at aleksey.com>
> Sent: Fri, 18 Mar 2005 14:53:34 -0500
> Subject: Re: [xmlsec] X509, verification of signature
>>>Any status on the signed document that I sent to you?
>>Sorry no.  Maybe mid-next-week.
>>Rich Salz, Chief Security Architect
>>DataPower Technology                           http://www.datapower.com
>>XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
> ------- End of Original Message -------

More information about the xmlsec mailing list