All the crypto libraries support CRLs inside KeyInfo element. However, if you want to use CRLs "on the machine" then the answer depends on the crypto library you are using. For xmlsec-nss and xmlsec-mscrypto, you can simply load the crls into the certificates storage using native APIs. For xmlsec-openssl you will need to load CRLs into the KeyManager... And I just found that there is no function to do this :( I'll add one tonight, it is trivial.
Aleksey _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
