Re: X.509 certificate from Phillip H. Griffin on 2003-01-17 (w3c-ietf-xmldsig@w3.org from January to March 2003)

From: Phillip H. Griffin <phil.griffin@asn-1.com>
Date: Fri, 17 Jan 2003 18:49:49 -0500
To: Joseph Reagle <reagle@w3.org>
Cc: Joseph Swaminathan <jswamina@cisco.com>, w3c-ietf-xmldsig@w3.org
Message-ID: <3E28969D.5060705@asn-1.com>

There's a NWI proposal under ballot in the ISO TC68/SC2
security group that if approved will define an all XML markup
certificate based on the schema defined in ANSI X9.68.

Phil


Joseph Reagle wrote:

>On Friday 17 January 2003 16:56, Joseph Swaminathan wrote:
>  
>
>>certificate which is in binary format. So for a box
>>to support XMLDSIG, it needs to have both XML parser
>>as well as ASN.1 parser isnt' it.
>>    
>>
>
>Yes, I've been calling this the "Frankenstein Complex" for a little over a 
>year now I think.
>
>  
>
>>    I understand using XKMS this validation can be
>>ofloaded to a key management system. But if a box
>>has to do all the validation itself, then does it
>>require both XML & ASN.1 parser to validate
>>certificates isnt it.
>>    
>>
>
>Generally yes -- unless they use XKMS, or use a native XKMS cert format.
>
>
>  
>

Received on Friday, 17 January 2003 18:51:17 UTC