
What type of X509 Certificate to use for XML Signature?


I'm currently developing some software that uses XML Signing to transfer files securely between two machines. We're using X.509 certificates from our own CA as keys.

The CA (Windows 2003 server) offers several types of certificates (Email Cert, Server Cert, ...)

Which one of those would I need to generate for XML Signature? To my knowledge, a cert needs the "digital signing" extension for signing, but how does that map to what Windows Server 2003 offers when filling out a certificate request?

Also helpful would be some pointers to good documentation; Google searches regarding X.509 drown in the white noise of articles concerning other topics around certificates.


Solution

  • An XML Signature is just the format the signature is stored in; you do not need special key usages for XML Signatures themselves.
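
The key usages mentioned above live in the X.509 keyUsage extension, whose value is a DER BIT STRING with bit names defined in RFC 5280. As an added example (not part of the original answer), this decodes such a value so you can see whether a certificate issued from a given template asserts digitalSignature; the function names and sample bytes are constructed for illustration.

```python
# Added example: decode the DER value of an X.509 keyUsage extension.
# Bit names and positions follow RFC 5280, section 4.2.1.3.
KEY_USAGE_BITS = [
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign",
    "cRLSign", "encipherOnly", "decipherOnly",
]


def decode_key_usage(der):
    """Return the list of usages asserted by a DER BIT STRING keyUsage value."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    # keyUsage has 9 named bits: 1 unused-bits octet plus 1 or 2 payload octets.
    if length not in (2, 3) or len(der) != 2 + length:
        raise ValueError("unexpected length for keyUsage")
    unused, payload = der[2], der[3:]
    if unused > 7 or payload[-1] & ((1 << unused) - 1):
        raise ValueError("invalid unused-bit count or non-zero padding")
    total_bits = len(payload) * 8 - unused
    usages = []
    for i, name in enumerate(KEY_USAGE_BITS[:total_bits]):
        # Bit 0 is the most significant bit of the first payload octet.
        if payload[i // 8] & (0x80 >> (i % 8)):
            usages.append(name)
    return usages


def allows_signing(der):
    """True if the certificate may be used to sign data.

    Pass None when the certificate has no keyUsage extension at all:
    an absent extension places no restriction on how the key is used.
    """
    if der is None:
        return True
    return "digitalSignature" in decode_key_usage(der)


# Constructed sample values (not taken from real certificates).
SIGNING_AND_KEY_ENC = bytes.fromhex("030205a0")  # digitalSignature + keyEncipherment
ENCRYPTION_ONLY = bytes.fromhex("03020520")      # keyEncipherment only
CA_ONLY = bytes.fromhex("03020106")              # keyCertSign + cRLSign

if __name__ == "__main__":
    for label, value in [("signing+enc", SIGNING_AND_KEY_ENC),
                         ("encryption", ENCRYPTION_ONLY), ("ca", CA_ONLY)]:
        print(label, decode_key_usage(value), allows_signing(value))
```
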