Thanks Aleksey, I guess there is no non-crypto-specific version of this function ?
Then does a call to xmlSecMSCryptoX509StoreConstructCertsChain do both a cert chain check and a revocation check ? Does this work now, or will it work only after Dmitry's patch ? Thanks, Ed -----Original Message----- From: Aleksey Sanin [mailto:[EMAIL PROTECTED] Sent: December 19, 2005 10:58 AM To: [EMAIL PROTECTED] Cc: 'Dmitry Belyavsky'; 'XMLSec' Subject: Re: [xmlsec] xmlSecMSCryptoX509StoreConstructCertsChain > I can't find where CRL checking is done. Is certificate verification > against a CRL the application's responsibility outside of xmlsec ? In the current xmlsec-mscrypto code the CRL check is done in xmlSecMSCryptoCheckRevocation() function called from xmlSecMSCryptoX509StoreConstructCertsChain() function. Aleksey _______________________________________________ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec