| Microsoft XML Core Services (MSXML) 5.0 for Microsoft Office - Digital Signatures |  |
Certificates and Certificate Authority
[This feature was first implemented for MSXML 5.0.]A certificate is a proof of validity for a public key issued by a certificate authority (CA). In addition to the key itself, a certificate contains information about the subject the certificate is issued to, when the certificate is valid, and the organization that issued the certificate.
When a signature is verified using a public key, it might be a good idea to check the certificate of the key to ensure that the certificate has not expired or been revoked, and that the issuer is a trusted certificate authority.
In MSXML, you can call IXMLDSigKey::getVerifyingCertificate and IXMLDSigKeyEx::getVerifyingCertificateContext to retrieve the available certificate of the key used in signature verification. You can verify the validity of the certificate by using the appropriate methods or functions exposed by CAPICOM or CryptoAPI.