<dsig:RetrievalMethod Type="http://www.w3.org/2000/09/xmldsig#RSAKeyValue" .../>
should point to <dsig:RSAKeyValue/> element. In your XML it points to <dsig:KeyInfo/>
element which seems wrong to me. I would agree that the XML DSig is not fully clear
here but I believe there was a disussion in XML DSig working group mailing list about this.
However, I might be wrong and it'll be great to get second opinion on this. Rich?
Aleksey
EGB:STONEROSES@MATRIX (Blusjune Jung / Daum.net) wrote:
Hi, aleksey ~ :) At first, really thank you for your good ``xmlsec'' library!!!I have one curious question.. ^^ Would you explain the reason of the following result? By use of xml.apache.org XML library, my partner (in my XML team) has created XML-signed message which uses <RetrievalMethod> to get the public key to verify. I've got that message and tried to verify it, but the result of operation is "fail". What's my or my partner's mistake? How can I solve this problem? Thank you for your reading! ^^ The following is XML-signed message (to be verified): =
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec