W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2000

Re: KeyInfo questions/comments

From: Carl Wallace <cwallace@erols.com>
Date: Mon, 13 Mar 2000 19:31:32 -0500
Message-ID: <003001bf8d4c$a6617920$477c60cf@ornette>
To: "Barb Fox" <bfox@EXCHANGE.MICROSOFT.com>, "dsig" <w3c-ietf-xmldsig@w3.org>
Cc: <pmhesse@cygnacom.com>
Barb,

Thanks to Brian's comments I understand now the idea is for KeyInfo to serve as a "hint" and little/nothing more.  However, I still fail to see where KeyValue provides anything in the way of "base interoperability" where a PKI application receives a key via KeyValue from a non-PKI application and thus fail to see why KeyValue is required.  It seems only to provide enough interoperability for a non-PKI application to deliver a key that cannot be validated to a PKI application.

Without clarification in the text as to the intent, I believe the structures provide too much of an invitation to be used in a manner not consistent with the intent.  As for the DSA parameters, since using them directly from a KeyValue is not the idea, why mandate their inclusion?   Certainly there would be no harm in relaxing the requirement that every KeyValue include them; a simple minOccurs=0 seems appropriate.  It would definitely save many bits spent on information that's really more nice to have than necessary for many/most implementations.

-Carl  
Received on Monday, 13 March 2000 19:31:49 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:09 GMT