W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2001

RE: Poll: Limiting KeyValue to a single Instance?

From: Brian LaMacchia <bal@microsoft.com>
Date: Sun, 18 Feb 2001 00:13:43 -0800
Message-ID: <0C682B70CE37BC4EADED9D375809768A01754A02@red-msg-04.redmond.corp.microsoft.com>
To: "'Joseph M. Reagle Jr.'" <reagle@w3.org>, IETF/W3C XML-DSig WG <w3c-ietf-xmldsig@w3.org>
Cc: TAMURA Kent <kent@trl.ibm.co.jp>
I vote to keep the definition as it currently is.  I can certainly think of
situations in which I might want to transmit multiple KeyValues at once.
(For example, as part of an XKMS transaction.)  As KeyInfo is now referenced
and used by multiple protocols we cannot assume that it or any of its child
nodes will only occur in an XMLDSIG structure when modifying the


-----Original Message-----
From: Joseph M. Reagle Jr. [mailto:reagle@w3.org] 
Sent: Friday, February 16, 2001 10:25 AM
Subject: Poll: Limiting KeyValue to a single Instance?

In [1] Kent asked, "The current specification also permits multiple KeyValue

elements in a KeyInfo element.  What does this mean?" Given we've been 
trying to clarify other ambiguities, and with respect to the X509 SKI, 
SubjectName, and IssuerSerial, should we also limit KeyValue to occurring 
once and applying to the validation key, or should we keep the meaning that 
it's simply a "key that may be useful in validating the signature?"

Please respond by end of Tuesday Feb 20th.


Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Sunday, 18 February 2001 03:25:09 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:35 UTC