"Signature Validation"


Must be clear by what we mean when a signature is "valid"

Signature Validation
Does the SignatureValue matches the result of processing SignedInfo with  CanonicalizationMethod and SignatureMethod as specified in 6.2?
Reference Validation
Does the DigestValue of the derferenced URI matches the DigetsValue in SignedInfo?
Trust/Application Validation
Does the application trust the signed assertions? (Was the key strong enough, is it from a trusted party, how old is the signature ...?)