W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2009

KeyInfo and raw data (RetrievalMethod Types)

From: Thomas Roessler <tlr@w3.org>
Date: Mon, 16 Feb 2009 15:12:33 +0100
Message-Id: <FB8728E6-8766-4361-B9DA-4A7AE4CB9F64@w3.org>
To: XMLSec WG <public-xmlsec@w3.org>
We define

   http://www.w3.org/2000/09/xmldsig#rawX509Certificate

as a ds:RetrievalMethod/@Type identifier for "a binary (ASN.1 DER) X. 
509 Certificate."

RFC 4051 has additional identifiers  
for 
, ...#rawX509CRL 
, ...#rawPGPKeyPacket, ...#rawSPKISexp, ...#rawPKCS7signedData.

I can't quite tell whether these are intended to identify raw, binary  
data (which, in case we're referring to something that lives in the  
same XML document, would probably have to be base64 decoded through a  
ds:Transform), or whether it's intended for base64 encoded versions of  
the raw data.

The spec text seems to suggest the former; I wonder what people have  
done in implementations.

Thanks,
--
Thomas Roessler, W3C  <tlr@w3.org>
Received on Monday, 16 February 2009 14:12:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT