W3C home > Mailing lists > Public > w3c-xml-sig-ws@w3.org > April 1999

Re: Single Key in Originator Information

From: Paul Lambert <plambert@certicom.com>
Date: Thu, 22 Apr 1999 11:56:51 -0700
To: "Joseph M. Reagle Jr. (W3C)" <reagle@w3.org>
cc: w3c-xml-sig-ws@w3.org
Message-ID: <8825675B.00671B04.00@domino2.certicom.com>
Joseph,

>We can't place restrictions on a syntax, ...

Humm ... how do we develop a standard without any  restrictions?  How can
we generate conformance tests?

I agree that we can not prevent extensions and should even encourage
flexibility, but we need to have some minimum syntax and some restrictions
on the ways the syntax is used.    I believe this is just a matter of
specification approach and guidelines.

This restriction on syntax is one of the reasons I'm pushing on
differentiating the characteristics of a keyed hash versus public key
mechanisms.  Keyed hash mechanisms require a Recipient Info field.  Public
key techniques do not need to provide recipient unique information.

Paul






"Joseph M. Reagle Jr. (W3C)" <reagle@w3.org> on 04/22/99 06:41:22 AM

To:   Paul Lambert/Certicom
cc:   w3c-xml-sig-ws@w3.org
Subject:  Re: Single Key in Originator Information




At 01:27 PM 4/21/99 -0700, Paul Lambert wrote:
 >So, I propose that:
 > XML digital signatures must carry only a single originator key or
 >certificate.

I had a similar concern when I wrote the example, but I primarily wanted to
show the usefulness of RDF semantics. Regardless, how would you
characterize
this type of restriction? We can't place restrictions on a syntax, so this
is an operational requirement on trust applications?
___________________________________________________________
Joseph Reagle Jr.  W3C:     http://www.w3.org/People/Reagle/
Policy Analyst     Personal:  http://web.mit.edu/reagle/www/
                   mailto:reagle@w3.org
Received on Thursday, 22 April 1999 15:05:02 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 11:28:04 EDT