RE: Poll: Limiting KeyValue to a single Instance?

I vote to keep the definition as it currently is.  I can certainly think of
situations in which I might want to transmit multiple KeyValues at once.
(For example, as part of an XKMS transaction.)  As KeyInfo is now referenced
and used by multiple protocols we cannot assume that it or any of its child
nodes will only occur in an XMLDSIG structure when modifying the
specification.

					--bal

-----Original Message-----
From: Joseph M. Reagle Jr. [mailto:reagle@w3.org] 
Sent: Friday, February 16, 2001 10:25 AM
To: IETF/W3C XML-DSig WG
Cc: TAMURA Kent
Subject: Poll: Limiting KeyValue to a single Instance?


In [1] Kent asked, "The current specification also permits multiple KeyValue

elements in a KeyInfo element.  What does this mean?" Given we've been 
trying to clarify other ambiguities, and with respect to the X509 SKI, 
SubjectName, and IssuerSerial, should we also limit KeyValue to occurring 
once and applying to the validation key, or should we keep the meaning that 
it's simply a "key that may be useful in validating the signature?"

Please respond by end of Tuesday Feb 20th.



[1]
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001JanMar/0052.html

__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Sunday, 18 February 2001 03:25:09 UTC