The answer to the trivial question from my blog based upon the March 8, 2006 WebCasts “Least Privilege Development and New System.Security Features” is below:
The KeyInfo element can consist of either a <KeyName/> or a <RetrievalMethod/> child element. What is the purpose of each element and what are the differences between the two elements?
Both elements provide additional information within KeyInfo:
KeyName: a string identifying a key pair [key identifier], declared along the lines of <!ELEMENT KeyName (#PCDATA)>.
RetrievalMethod: by contrast, a reference to a remote source that can be used to gather information about the KeyInfo.
For instance, several signatures in a document may use a key verified by a certificate chain that appears once in the document or remotely outside it; each signature's KeyInfo can then reference this chain with a single RetrievalMethod.
One element is a string that can indirectly identify a key, while the other is used as a direct reference.
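The sketch below is an added example, not code from the webcast. It shows how a verifier might treat the two elements: KeyName is looked up in keys it already trusts, and RetrievalMethod is dereferenced only inside the same document. The sample XML, the TRUSTED_KEYS store and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed sample (placeholder values). k1 and k2 share one certificate
# chain through RetrievalMethod; k3 names its key; k4 points outside the
# document. The Id on X509Data is a simplification made for this sample.
SAMPLE = f"""<doc xmlns:ds="{DS}">
  <ds:X509Data Id="chain"><ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data>
  <ds:KeyInfo Id="k1"><ds:RetrievalMethod URI="#chain" Type="{DS}X509Data"/></ds:KeyInfo>
  <ds:KeyInfo Id="k2"><ds:RetrievalMethod URI="#chain" Type="{DS}X509Data"/></ds:KeyInfo>
  <ds:KeyInfo Id="k3"><ds:KeyName>build-signing-key</ds:KeyName></ds:KeyInfo>
  <ds:KeyInfo Id="k4"><ds:RetrievalMethod URI="https://keys.example/chain.xml"/></ds:KeyInfo>
</doc>"""

# Hypothetical local key store: KeyName is only a hint supplied by the signer,
# so it is mapped to keys the verifier already trusts, never used as a key.
TRUSTED_KEYS = {"build-signing-key": "local-key-handle-1"}

def resolve_key_info(root, key_info, trusted=TRUSTED_KEYS):
    """Return (element, result) pairs for KeyName/RetrievalMethod children."""
    results = []
    for child in key_info:
        if child.tag == f"{{{DS}}}KeyName":
            name = (child.text or "").strip()
            results.append(("KeyName", trusted.get(name)))  # None if unknown
        elif child.tag == f"{{{DS}}}RetrievalMethod":
            uri = child.get("URI", "")
            if not uri.startswith("#"):
                # Remote reference: report it, but do not fetch a URL that
                # comes from the document being verified.
                results.append(("RetrievalMethod", "remote-not-fetched"))
                continue
            # Same-document reference: find the element carrying that Id.
            target = next((e for e in root.iter() if e.get("Id") == uri[1:]), None)
            local = target.tag.rsplit("}", 1)[-1] if target is not None else None
            # The optional Type attribute must agree with what was found.
            type_ok = local is not None and child.get("Type") in (None, DS + local)
            results.append(("RetrievalMethod", local if type_ok else None))
    return results

def resolve_all(xml_text):
    """Map each KeyInfo Id in the document to its resolved children."""
    root = ET.fromstring(xml_text)
    return {k.get("Id"): resolve_key_info(root, k) for k in root.iter(f"{{{DS}}}KeyInfo")}

if __name__ == "__main__":
    for key_id, found in resolve_all(SAMPLE).items():
        print(key_id, found)
```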
We now have our three winners. Thank you everyone for attending the Webcast and look forward to seeing you next week.