> I'll still open a bug to have more information come back froma failed > verify than true/false. XML signatures are way too complex to only have > pass/fail.
It's actually true both ways...you need more information even if it passes or you have no way to know what's been signed. I do not have a rational proposal to offer for that, however. -- Scott
