Please do not reply to this email- if you want to comment on the bug, go to the URL shown below and enter your comments there.
Changed by [EMAIL PROTECTED] http://bugzilla.ximian.com/show_bug.cgi?id=79454 --- shadow/79454 2006-09-20 13:04:58.000000000 -0400 +++ shadow/79454.tmp.3220 2006-09-20 13:29:28.000000000 -0400 @@ -51,6 +51,26 @@ ------- Additional Comments From [EMAIL PROTECTED] 2006-09-20 13:04 ------- X509Data support has been there since 1.1, so I rather doubt different reason. It would be better if there is a signable X509Certificate to make signing possible. (Stealing the bug, as I'm on trying to fix another EncryptedXml bug.) + +------- Additional Comments From [EMAIL PROTECTED] 2006-09-20 13:29 ------- +Atsushi, the X509Data element is read perfectly fine, and is +available in KeyInfo but SignedXml.CheckSignatureInternal does not +use it (while it should on the 2.0 profile). + +Implementing support for X509 certificates is probably not that +hard, but for issuer serial, subject name and SKI we need to perform +a lookup in the certificate store (and if I'm not mistaken, this is +not implemented yet). + +From MSDN: + +"In version 2.0 and later of the .NET Framework, the CheckSignature +method will search the "AddressBook" store for certificates suitable +for the verification. For example, if the certificate is referenced +by a Subject Key Identifier (SKI), the CheckSignature method will +select certificates with this SKI and try them one after another +until it can verify the certificate." + _______________________________________________ mono-bugs maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-bugs
