On 6/29/11 3:24 PM, "Sean Mullan" <sean.mullan@oracle.com> wrote: > >These requirements seem like they should be revisited, especially since a >later >section says to avoid RetrievalMethod because of potential security >concerns >(see Note in section 4.5.10). I think we missed that text making it a SHOULD, actually. > Also, does this imply that all KeyValues must be >supported? Strictly speaking all it says is KeyValue itself, not any particular child elements. Could be clearer. > I would think it should only be supported if there is a required >signature algorithm for the corresponding key type. Had there ever been >any >discussion about updating the list of required KeyInfo types? I think the most that would happen is clarifying your point about KeyValue, and *maybe* making KeyInfoReference a should. All the other new stuff was explicitly insisted on as optional as a condition of adding them. -- ScottReceived on Wednesday, 29 June 2011 19:33:00 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 29 June 2011 19:33:01 GMT