Any fail of a reference or the Signedinfo is a failure. In the real world it will means that somebody has tampered the signature to fix a tampered referenced. Or somebody has just tampered the referenced and has been lazy to update the signature. But in the developing world use to means wrong transformations, unintentional tampering. etc for checking this we have some debugging methods that can give you more info about what has fail. See the XMLSignature API and examples of using the methods.
Regards, p.s. If you have a better way of exposing this info, don't hesitate in tell On 2/28/07, Scott Cantor <[EMAIL PROTECTED]> wrote:
> I'll still open a bug to have more information come back froma failed > verify than true/false. XML signatures are way too complex to only have > pass/fail. It's actually true both ways...you need more information even if it passes or you have no way to know what's been signed. I do not have a rational proposal to offer for that, however. -- Scott
-- http://r-bg.com
