I've been including a certificate chain in a separate portion of the XML document (not within KeyInfo). I've also been placing a X509IssuerSerial in KeyInfo to allow my application to find the appropriate certificate chain in the document. It would be as convenient for me to simply include an XML ID inside KeyInfo that points to the first certificate in the chain. Is there any way to express a KeyInfo item as a simple XML ID? Possibly using RetrievalMethod or something else? --Kevin -----Original Message----- From: Joseph M. Reagle Jr. [mailto:reagle@w3.org] Sent: Monday, July 31, 2000 2:53 PM To: Brian LaMacchia Cc: 'tgindin@us.ibm.com'; Gregor Karlinger; Barb Fox; XML Subject: RE: AW: Errors and Questions At 13:58 7/28/2000 -0700, Brian LaMacchia wrote: >The fact that we are continuing to have problems settling on a schema for >X509Data this late in the game causes me to reconsider including X509Data in >the core DSIG specification. I think that is an interesting proposal. As a point of history, I believe we introduced these as place-holders and examples such that readers could see how to use KeyInfo for things beyond RSA and DSA. But as time went on and people used those examples we refined what we had. However, we are approaching a point that is out of scope. >XMLDSIG and I fear it will hold up progression of the standard. If other >folks agree we should discuss this in Pittsburgh next week. I'll include it in my list of issues to discuss on Thursday. _________________________________________________________ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Monday, 31 July 2000 16:31:57 UTC