W3C home > Mailing lists > Public > public-xmlsec@w3.org > December 2008

RE: Digital Signatures use in widgets

From: Scott Cantor <cantor.2@osu.edu>
Date: Thu, 18 Dec 2008 11:09:16 -0500
To: "'Frederick Hirsch'" <frederick.hirsch@nokia.com>
Cc: "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Message-ID: <04dc01c9612a$fa296f70$ee7c4e50$@2@osu.edu>

> The key point is that the cert and sig lifecycle in general should not
> be expected to match so the signature will need a property, such as
> the  "expires" property. It will be up to the deployment policy to
> figure out the details of various life cycles.

Hmm, isn't it more a function of the data itself to indicate that it's
"expired"? I don't know that it's the right semantic to make the signature
itself expire, at least for that purpose.

-- Scott
Received on Thursday, 18 December 2008 16:09:58 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:10 UTC