[Bulk] Re: [Bulk] Re: [Bulk] Re: [xmlsec] OpenSSL vs mscrypto

Edward Shallow ed.shallow at rogers.com
Thu Jan 12 23:09:16 PST 2006

Yes thanks for your help. I will triple check everything on a new machine.


-----Original Message-----
From: xmlsec-bounces at aleksey.com [mailto:xmlsec-bounces at aleksey.com] On
Behalf Of Aleksey Sanin
Sent: January 13, 2006 1:44 AM
To: ed.shallow at rogers.com
Cc: xmlsec at aleksey.com
Subject: [Bulk] Re: [Bulk] Re: [Bulk] Re: [xmlsec] OpenSSL vs mscrypto

I am really sorry but I don't understand what you are complaining about. I
don't observe the problem you have. And I can do nothing unless you give
exact steps to reproduce it.


Edward Shallow wrote:
> Yes of course I get a match on "Test User 1" and everything works. The 
> point is "It shouldn't work". When I do not load --trusted-der it 
> should not work, and it does. Meaning "No cert chain checking".
> It is impossible for your script to work without loading "Test User 1" 
> into the 'MY' store. In fact the command line utility defaults to 'MY' 
> so you have to put it there. If you are using my signed document it 
> contains <dsig:KeyName>. You said you are not using --enabled-key-data 
> so standard processing in mscrypto will try to find "Test User 1" no
matter what.
> There is nothing tricky about my setup, it passes all your test suite 
> perfectly.
> I am puzzled at your explanation ?
> Ed

xmlsec mailing list
xmlsec at aleksey.com

More information about the xmlsec mailing list