The plan sounds good! But you can use keys manager as well. The idea is that you load keys (steps 1-4), assign a unique "name" string and then put them into keys manager. After that you prepare a template with KeyName element set to the name of the key name you want to use and just sign it. Note that this approach is not better or worse than what you propose. Both would work just fine.
And sorry that I can't help with MSCrypto details. Hope someone from the mailing list will do it.
Aleksey
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
