Take a look at this article: http://java.sun.com/j2se/1.4.2/docs/guide/security/certpath/CertPathProgGuide.html
Hope it helps, Milan --- Cl�udio Engelsdorff Avila <[EMAIL PROTECTED]> wrote: > I'm developing an application that signs and validate xml files using the > apache xml security library. > > To sign a file is easy, but the validation part is becoming a real problem > for me. > > I've been able to validate te signature itself, and its expiration dates, > but i need more than just that. I need to validate the certification chain > and rcl files as well. > To be honest I could find some examples to validate the chain, but I don't > understand how the certification chain really works. > > If you guys could give me some steps to follow would be very nice. My > deadline is coming and i still have some pieces to put together. > > > My goals are: > - Assure that the certicate used was an end user certificate and not from > a certification authority; (Didn't find nothing about this kind of > validation) > - Adopt rules defined by RFC 3280 for RCL and chain of trust > (certification chain); (Completely lost on this one) > - Verify if the revogation and chain lists are up to date; (Didn't get > that far on my research) > - Validate the key type used accept only keys type A; (I didn't find > anything about this types only when you pucharse your key you choose this > kind of things, at least here on brazil.) > > > > Thanks in advance. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
