Both XMLDSIG and XML Encryption use the KeyInfo element. It appears as the child of a SignedInfo, EncryptedData, or EncryptedKey element and provides information to a recipient about what keying material to use in validating a signature or decrypting encrypted data. (This element is also used in XKMS, as described in Chapter 14.)
In both signature and encryption, the KeyInfo element is optional, because the recipient may be able to determine the right key to use from the application context. For example, in a protocol application, the channel over which the recipient gets the message or some other name, index, or data in the message may signal the recipient about which key or keys to use.
Each KeyInfo element can have zero or more child elements that give the value of or refer in various ways to the keying material. A KeyInfo with no content is about as useful as no KeyInfo at all. Even so, the standards include this option, as it may be easier for applications that dynamically calculate the KeyInfo content. It might not be convenient, at the time that the application outputs the KeyInfo start tag, to know whether it will have content.
All child elements of a KeyInfo element must refer to the same key. You might want multiple child elements because different recipients understand different forms. You might even want multiple child elements for a single recipient, if you were not sure which form of key reference they could use.