I'd like to report as much useful information as possible in the event signature generation or validation fails. Ideally, this would include the name of any failed transform(s). I could use xmlSecTransformId's href member, but it seems like a really bad idea to rely on an internal structure. Would you (Aleksey) consider adding a function to obtain a human-readable name given a transformId?
Returning the href would be trivial; in the best of all possible worlds, you'd also be able to get a "friendlier" string (say, "Enveloped Signature Transform" for "http://www.w3.org/2000/09/xmldsig#enveloped-signature";). For XML Signature, at least, you might be able to use the header text from the subsections of section 6.0 of the W3C recommendation: "SHA-1," "HMAC," "DSA," "PKCS1 (RSA-SHA1)," "Canonical XML," "Bas64," and so on. There may be better approaches. _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
