Digitally signing XML document and delivering via httpsin a c++application

07/02/2008, 15h35

I need to sign a document using XML DSIG C++ library and deliver using
openssl and https, as a client to customer's web services application
server.

I have following questions
1) Can I create certificate using a tool like keytool available on
LINUX and Solaris, use that certificate to digitally sign the XML
document? Do I need to get a certificate from certificate authority
like verisign?
2) If I embed the certificate inside the XML, say, keyinfo tag, can
recipient verify the signature using information in the XML document?
That is, do they need to have a copy of certificate locally?

Thanks,
RU

07/02/2008, 23h36

rudupa@easylink.com wrote:
> I need to sign a document using XML DSIG C++ library and deliver using
> openssl and https, as a client to customer's web services application
> server.
>
> I have following questions
> 1) Can I create certificate using a tool like keytool available on
> LINUX and Solaris, use that certificate to digitally sign the XML
> document? Do I need to get a certificate from certificate authority
> like verisign?
> 2) If I embed the certificate inside the XML, say, keyinfo tag, can
> recipient verify the signature using information in the XML document?
> That is, do they need to have a copy of certificate locally?
>

ISO/IEC 14882:2003 does not discuss XML, certificates, digiital
signatures, etc...

May I suggest you ask in either a Linux or a Solaris newsgroup?

07/02/2008, 15h35	#1
rudupa@easylink.com Messages: n/a Hébergeur:	Digitally signing XML document and delivering via httpsin a c++application I need to sign a document using XML DSIG C++ library and deliver using openssl and https, as a client to customer's web services application server. I have following questions 1) Can I create certificate using a tool like keytool available on LINUX and Solaris, use that certificate to digitally sign the XML document? Do I need to get a certificate from certificate authority like verisign? 2) If I embed the certificate inside the XML, say, keyinfo tag, can recipient verify the signature using information in the XML document? That is, do they need to have a copy of certificate locally? Thanks, RU

07/02/2008, 23h36	#2
red floyd Messages: n/a Hébergeur:	Re: Digitally signing XML document and delivering via httpsin a c++application rudupa@easylink.com wrote: > I need to sign a document using XML DSIG C++ library and deliver using > openssl and https, as a client to customer's web services application > server. > > I have following questions > 1) Can I create certificate using a tool like keytool available on > LINUX and Solaris, use that certificate to digitally sign the XML > document? Do I need to get a certificate from certificate authority > like verisign? > 2) If I embed the certificate inside the XML, say, keyinfo tag, can > recipient verify the signature using information in the XML document? > That is, do they need to have a copy of certificate locally? > ISO/IEC 14882:2003 does not discuss XML, certificates, digiital signatures, etc... May I suggest you ask in either a Linux or a Solaris newsgroup?

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email