Yeah it helped for me to see that i'm on the right path.
But i'm stil having some problems trying to open revocation lists and so forth.
I got my chain and revocations lists from this URL "http://www.certisign.com.br/suporte/downloads.jsp#icp".
If someone could enlighten me.
Thanks in advance.
www.tracesistemas.com.br
www.tracegp.com.br
| Milan Tomic <[EMAIL PROTECTED]>
05/04/2006 04:36
|
|
Take a look at this article:
http://java.sun.com/j2se/1.4.2/docs/guide/security/certpath/CertPathProgGuide.html
Hope it helps,
Milan
--- Cl�udio Engelsdorff Avila <[EMAIL PROTECTED]> wrote:
> I'm developing an application that signs and validate xml files using the
> apache xml security library.
>
> To sign a file is easy, but the validation part is becoming a real problem
> for me.
>
> I've been able to validate te signature itself, and its expiration dates,
> but i need more than just that. I need to validate the certification chain
> and rcl files as well.
> To be honest I could find some examples to validate the chain, but I don't
> understand how the certification chain really works.
>
> If you guys could give me some steps to follow would be very nice. My
> deadline is coming and i still have some pieces to put together.
>
>
> My goals are:
> - Assure that the certicate used was an end user certificate and not from
> a certification authority; (Didn't find nothing about this kind of
> validation)
> - Adopt rules defined by RFC 3280 for RCL and chain of trust
> (certification chain); (Completely lost on this one)
> - Verify if the revogation and chain lists are up to date; (Didn't get
> that far on my research)
> - Validate the key type used accept only keys type A; (I didn't find
> anything about this types only when you pucharse your key you choose this
> kind of things, at least here on brazil.)
>
>
>
> Thanks in advance.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
