Reference to KeyInfo information, not the KeyInfo element itself. In his reply, Rich cited the part
4.4.3 The RetrievalMethod Element A RetrievalMethod element within KeyInfo is used
to convey a reference to KeyInfo information that is stored at another location.
of the spec describes what exactly happens
http://www.aleksey.com/pipermail/xmlsec/2003/000475.html
(you probably should sign up to the mailing list to get all the emails). You might want to ask this
question in the XML DSig working group mailing list or better search the archive because
I believe it was already discussed:
http://www.w3.org/Signature/
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/
As I wrote you, I do think that the spec is not fully clear about this and I remember I had
questions myself :) Probably the best way is to go and find answers is to go and ask the
authors of the document.
You patch looks correct in the assumption that you have. However, I think that you are wrong
and by this your patch is also wrong :)
Aleksey
_______________________________________________
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
