Shibboleth Developers

>  > >   SHIRE failure at (https://perq.cac.washington.edu/shibboleth/SHIRE)
> >  >
> >  >   Exception: cryptographic check failed: SAMLSignedObject::verify() caught
> >  >   an XMLSec crypto exception
> >
> >  I'm guessing now that this is because the xmlsec package requires
> >  precisely md5WithRSAEncryption for signature algorithm.  For some reason
> >  the UW CA seems to issue certs with sha1WithRSAEncryption signatures.
>
> Well, another dead-end.  I used another CA to make a server cert with md5
> sigalg, but same result.  So at this point the only kind of verification
> that seems to work is the kind with the HS server cert stuck into the
> trust.xml file.
>
> I've lost track of which xmlsec package is being used on the target?  Is
> it the one at http://www.aleksey.com/xmlsec/?

I went to the opensaml cvs, and the README file lists this dependency:


xml-security 0.2.0          http://xml.apache.org/security/c/

------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at 

   http://archives.internet2.edu/

------------------------------------------------------mace-shib-design--