W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2009

ACTION-166: Warning on X509IssuerSerial

From: Scott Cantor <cantor.2@osu.edu>
Date: Sun, 18 Jan 2009 18:19:12 -0500
To: "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Message-ID: <022e01c979c3$2c869190$8593b4b0$@2@osu.edu>

Suggested text for the end of section 4.4.4, after the new certificate
encoding language:

"Deployments that expect to make use of the X509IssuerSerial element should
be aware that many Certificate Authorities issue certificates with large,
random serial numbers. Such deployments should avoid schema-validating the
X509IssuerSerial element. XML Schema validators may not support decimal data
types with more than 18 decimal digits [XML-schema]."

I was considering that it might be useful to also include a sentence
indicating that a future version of the specification would correct this
problem, but don't know what people think about that.

-- Scott
Received on Sunday, 18 January 2009 23:19:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT