W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

RE: revised XML signature syntax from Oslo

From: Richard D. Brown <rdbrown@Globeset.com>
Date: Tue, 20 Jul 1999 15:06:40 -0500
To: "'Peter Lipp (by way of \"Joseph M. Reagle Jr.\" <reagle@w3.org>)'" <Peter.Lipp@iaik.at>, "'IETF/W3C XML-DSig WG'" <w3c-ietf-xmldsig@w3.org>
Message-ID: <007701bed2eb$61d4dc00$0bc0010a@artemis.globeset.com>

> I was wondering if it did not make sense to combine those two
> parts into
> something like
> >         <sig-alg AlgorithmName>
> >            <Alg-Info/>
> >            <KeyingInfo/>
> >         <sig-alg/>
> Reason: Keyinginfo will most likely be highly dependent on Alg-Info.

Not quite true. I can use any public-key signature algorithm and refer to
the public key either by a KeyID (whose actual meaning could be left to the
relying party) or the ISN of a certificate. Identification of the keying
material is independent of the algorithm being used (in most circumstances).
How we refer to the keying material is most likely dependent on the 'key and
trust' management infrastructure in place.


Richard D. Brown
Software Architect - R&D
Globeset, Inc. Austin, TX - U.S.
Received on Tuesday, 20 July 1999 16:07:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:31 UTC