Answer to the Trivial Question

The answer to the trivial question from my blog, based on the March 8, 2006 WebCasts “Least Privilege Development and New System.Security Features”, is below:



The KeyInfo element can contain either a <KeyName/> or a <RetrievalMethod/> child element. What is the purpose of each element, and what are the differences between the two?



Both elements provide information about the key that KeyInfo identifies:

KeyName - a string identifying a key pair (a key identifier). Its declaration in the XML Signature DTD is simply <!ELEMENT KeyName (#PCDATA)>.

RetrievalMethod - by contrast, a reference to a source, inside or outside the document, from which the key information can be retrieved.

For instance, signatures in a document may use a key verified by a certificate chain that appears only once, either in the document or at a remote location outside it; each signature's KeyInfo can then reference this chain with a single RetrievalMethod.

One element is a string that can only indirectly identify a key (the verifier must map the name to a key it already holds), while the other is a direct reference to the key material.
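To make the difference concrete, here is an added example (not from the original post or the webcast) that resolves both kinds of KeyInfo over a constructed sample document. The document, the Id="chain" placement inside a ds:Object, the placeholder certificate strings and the KEY_TABLE lookup are all assumptions made for the example. A KeyName is resolved only through the verifier's own table, and a RetrievalMethod is dereferenced only when it is a same-document fragment; a URI pointing outside the document is refused so that the signed document cannot dictate what the verifier fetches.

```python
import xml.etree.ElementTree as ET

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"


def ds(tag):
    """Clark-notation name for an XML Signature element."""
    return "{%s}%s" % (DSIG_NS, tag)


# Constructed sample document: the certificate chain appears once (inside a ds:Object
# with Id="chain"); the first signature names its key, the second points at the chain.
SAMPLE_DOC = """<Envelope xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:Signature>
    <ds:KeyInfo>
      <ds:KeyName>signing-key-2006</ds:KeyName>
    </ds:KeyInfo>
    <ds:Object Id="chain">
      <ds:X509Data>
        <ds:X509Certificate>PLACEHOLDER-LEAF-CERT-BASE64</ds:X509Certificate>
        <ds:X509Certificate>PLACEHOLDER-ISSUER-CERT-BASE64</ds:X509Certificate>
      </ds:X509Data>
    </ds:Object>
  </ds:Signature>
  <ds:Signature>
    <ds:KeyInfo>
      <ds:RetrievalMethod URI="#chain"
                          Type="http://www.w3.org/2000/09/xmldsig#X509Data"/>
    </ds:KeyInfo>
  </ds:Signature>
</Envelope>
"""

# Constructed key table: the verifier's own mapping from a KeyName to trusted key material.
KEY_TABLE = {"signing-key-2006": "PLACEHOLDER-PUBLIC-KEY-FOR-signing-key-2006"}


class KeyInfoResolver:
    def __init__(self, root, key_table):
        self.key_table = key_table
        # Index every element carrying an Id so "#fragment" URIs can be dereferenced locally.
        self.by_id = {el.get("Id"): el for el in root.iter() if el.get("Id") is not None}

    def resolve(self, keyinfo):
        """Return ('KeyName', key) or ('RetrievalMethod', [certs]) for one ds:KeyInfo."""
        keyname = keyinfo.find(ds("KeyName"))
        if keyname is not None:
            name = (keyname.text or "").strip()
            # KeyName is only an identifier: it must map to a key the verifier already trusts.
            if name not in self.key_table:
                raise KeyError("unknown KeyName %r" % name)
            return ("KeyName", self.key_table[name])

        rm = keyinfo.find(ds("RetrievalMethod"))
        if rm is not None:
            uri = rm.get("URI", "")
            # Only same-document fragments are dereferenced; anything else is refused.
            if not uri.startswith("#"):
                raise ValueError("refusing non-local RetrievalMethod URI %r" % uri)
            target = self.by_id.get(uri[1:])
            if target is None:
                raise ValueError("RetrievalMethod fragment %r not found" % uri)
            x509 = target if target.tag == ds("X509Data") else target.find(ds("X509Data"))
            if x509 is None:
                raise ValueError("RetrievalMethod target %r holds no X509Data" % uri)
            certs = [(c.text or "").strip() for c in x509.findall(ds("X509Certificate"))]
            return ("RetrievalMethod", certs)

        raise ValueError("KeyInfo carries neither KeyName nor RetrievalMethod")


def resolve_all(xml_text, key_table=KEY_TABLE):
    """Resolve the KeyInfo of every ds:Signature in the document, in document order."""
    root = ET.fromstring(xml_text)
    resolver = KeyInfoResolver(root, key_table)
    return [resolver.resolve(sig.find(ds("KeyInfo"))) for sig in root.iter(ds("Signature"))]


if __name__ == "__main__":
    for kind, value in resolve_all(SAMPLE_DOC):
        print(kind, "->", value)
```

Running the block prints the key looked up by name for the first signature and the two certificates of the shared chain for the second. Real XML Signature libraries apply the Transforms and Type of a RetrievalMethod during dereferencing; this resolver skips that and simply locates the X509Data under the fragment target.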


