|
I only found the certificate chains
there,
but not the revocation lists.
----- Original Message -----
Sent: Thursday, April 06, 2006 10:17
AM
Subject: Re: Need lots of help -
Validating Signed XML files
Yeah it helped for me to see
that i'm on the right path.
But
i'm stil having some problems trying to open revocation lists and so
forth.
I got my chain and revocations
lists from this URL "http://www.certisign.com.br/suporte/downloads.jsp#icp".
If someone could enlighten me.
Thanks in advance.
www.tracesistemas.com.br
www.tracegp.com.br
| Milan Tomic
<[EMAIL PROTECTED]>
05/04/2006 04:36
|
|
Take a look at this
article:
http://java.sun.com/j2se/1.4.2/docs/guide/security/certpath/CertPathProgGuide.html
Hope
it helps,
Milan
--- Cl�udio Engelsdorff Avila
<[EMAIL PROTECTED]> wrote:
> I'm developing an
application that signs and validate xml files using the
> apache xml
security library.
>
> To sign a file is easy, but the validation
part is becoming a real problem
> for me.
>
> I've been
able to validate te signature itself, and its expiration dates,
> but i
need more than just that. I need to validate the certification chain
>
and rcl files as well.
> To be honest I could find some examples to
validate the chain, but I don't
> understand how the certification
chain really works.
>
> If you guys could give me some steps to
follow would be very nice. My
> deadline is coming and i still have
some pieces to put together.
>
>
> My goals are:
> -
Assure that the certicate used was an end user certificate and not from
> a certification authority; (Didn't find nothing about this kind of
> validation)
> - Adopt rules defined by RFC 3280 for RCL and
chain of trust
> (certification chain); (Completely lost on this
one)
> - Verify if the revogation and chain lists are up to date;
(Didn't get
> that far on my research)
> - Validate the key type
used accept only keys type A; (I didn't find
> anything about this
types only when you pucharse your key you choose this
> kind of things,
at least here on brazil.)
>
>
>
> Thanks in
advance.
__________________________________________________
Do
You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection
around
http://mail.yahoo.com
|
