Chapter 13. The KeyInfo Element

Both XMLDSIG and XML Encryption use the KeyInfo element. It appears as the child of a SignedInfo, EncryptedData, or EncryptedKey element and provides information to a recipient about what keying material to use in validating a signature or decrypting encrypted data. (This element is also used in XKMS, as described in Chapter 14.)

In both signature and encryption, the KeyInfo element is optional, because the recipient may be able to determine the right key to use from the application context. For example, in a protocol application, the channel over which the recipient gets the message or some other name, index, or data in the message may signal the recipient about which key or keys to use.

Each KeyInfo element can have zero or more child elements that give the value of or refer in various ways to the keying material. A KeyInfo with no content is about as useful as no KeyInfo at all. Even so, the standards include this option, as it may be easier for applications that dynamically calculate the KeyInfo content. It might not be convenient, at the time that the application outputs the KeyInfo start tag, to know whether it will have content.

All child elements of a KeyInfo element must refer to the same key. You might want multiple child elements because different recipients understand different forms. You might even want multiple child elements for a single recipient, if you were not sure which form of key reference they could use.

In retrospect, because KeyInfo is a major shared element between XMLDSIG and XML Encryption that had to be substantially augmented for encryption, it would have been better if this element had its own namespace and was defined in a separate document.