W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2011

Indicating certificate order in XML Dig Sig

From: Marcos Caceres <marcosscaceres@gmail.com>
Date: Mon, 20 Jun 2011 14:37:51 +0200
Message-ID: <BANLkTi=U5Xv4h3Qgj2Ft_4xDK0-Gbaz6zw@mail.gmail.com>
To: public-webapps <public-webapps@w3.org>, XMLSec <public-xmlsec@w3.org>
Cc: Thomas Roessler <tlr@w3.org>, Frederick Hirsch <frederick.hirsch@nokia.com>, Kai Hendry <kai.hendry@wacapps.net>, Paddy Byers <paddy.byers@gmail.com>
Is there some means to explicitly indicate the order in which
certificates in an xml dig sig file should be processed? The problem
is that if you screw up the certificate order in the xml file, the
validator (e.g,. xmlsec) does not know which cert is the end-entity.

See also the following from Aleksey Sanin's, which provides a bit more detail:


TLR, Frederick, or members of XMLSec, maybe you could comment?

Kind regards,

Marcos Caceres
Received on Monday, 20 June 2011 12:39:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:13:20 UTC