I'm think that verify (signature) in a policy rule also validates the binary token (certificate) on the message. Is that true?
One more question.
A while back I needed to dp:verify a signature in xslt.
Before the verify happened, I did dp:validate-certificate (certificate) on the message.
Does verify include validate?