Digitally signing XML document and delivering via httpsin a c++application

[rudupa]

I need to sign a document using XML DSIG C++ library and deliver using
openssl and https, as a client to customer's web services application
server.

I have following questions
1) Can I create certificate using a tool like keytool available on
LINUX and Solaris, use that certificate to digitally sign the XML
document? Do I need to get a certificate from certificate authority
like verisign?
2) If I embed the certificate inside the XML, say, keyinfo tag, can
recipient verify the signature using information in the XML document?
That is, do they need to have a copy of certificate locally?

Thanks,
RU

 

[red floyd]

I need to sign a document using XML DSIG C++ library and deliver using
openssl and https, as a client to customer's web services application
server.

I have following questions
1) Can I create certificate using a tool like keytool available on
LINUX and Solaris, use that certificate to digitally sign the XML
document? Do I need to get a certificate from certificate authority
like verisign?
2) If I embed the certificate inside the XML, say, keyinfo tag, can
recipient verify the signature using information in the XML document?
That is, do they need to have a copy of certificate locally?

ISO/IEC 14882:2003 does not discuss XML, certificates, digiital
signatures, etc...

May I suggest you ask in either a Linux or a Solaris newsgroup?