[Bulk] Re: [xmlsec] Verify - OpenSSL vs mscrypto
Aleksey Sanin
aleksey at aleksey.com
Wed Jan 11 11:10:29 PST 2006
> The xmlSecDSigCtxVerify function does NOT presently trigger the checking of
> the cert chain when using mscrypto. It does when using openssl. This is an
> API inconsistency at the xmlsec level. So if xmlSecDSigCtxVerify doesn't
> trigger the checking, what mscrypto function does ? Is it even supported ?
>
I am not sure I understand this. I do believe that the xmlsec-mscrypto
code *does* build the chain and it *does* verify it against the
"trusted" certificates installed by the app.
With Dmitry's patch, xmlsec-mscrypto *also* uses trusted certificates
from the MSCrypto certificates store.
Aleksey
More information about the xmlsec
mailing list