- From: Cantor, Scott E. <cantor.2@osu.edu>
- Date: Wed, 29 Jun 2011 19:32:30 +0000
- To: Sean Mullan <sean.mullan@oracle.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
On 6/29/11 3:24 PM, "Sean Mullan" <sean.mullan@oracle.com> wrote: > >These requirements seem like they should be revisited, especially since a >later >section says to avoid RetrievalMethod because of potential security >concerns >(see Note in section 4.5.10). I think we missed that text making it a SHOULD, actually. > Also, does this imply that all KeyValues must be >supported? Strictly speaking all it says is KeyValue itself, not any particular child elements. Could be clearer. > I would think it should only be supported if there is a required >signature algorithm for the corresponding key type. Had there ever been >any >discussion about updating the list of required KeyInfo types? I think the most that would happen is clarifying your point about KeyValue, and *maybe* making KeyInfoReference a should. All the other new stuff was explicitly insisted on as optional as a condition of adding them. -- Scott
Received on Wednesday, 29 June 2011 19:33:00 UTC