Neither XML Signature nor Encryption specify how to obtain trustworthy
keys.
There's a body of existing (non-XML) standards and infrastucture to
satisfy this requirement.
XKMS provides a Web/XML based interface to existing infrastructure for XML
based applications.