W3C home > Mailing lists > Public > w3c-xml-sig-ws@w3.org > April 1999

RE: XML interface with URIs

From: Phillip M Hallam-Baker <pbaker@verisign.com>
Date: Mon, 26 Apr 1999 14:30:58 -0400
To: <rdbrown@GlobeSet.com>, "'Bob Relyea'" <relyea@netscape.com>
Cc: "'Bede McCall'" <bede@mitre.org>, <w3c-xml-sig-ws@w3.org>
Message-ID: <002e01be9012$edb31460$6e07a8c0@pbaker-pc.verisign.com> 

> I was not refering to what appear on the wire but rather what is being fed
> to the "crypto-engine". If I make use of a crypto-algorithm (i.e. DSA)
> through some crypto API (i.e. JCE), I just pass a reference to or
> the value
> of the private-key. If I make use of a package such as PKCS#7, I usually
> have to pass not only a refernce to the private key but also the
> certificate
> chain.

That is inescapable. If a message format is going to support the
transport of certificate chains, APIs which build messages in the
format must allow a certificate chain to be supplied.

I would expect any sane signed XML API to allow a certificate chain
be passed.


		Phill
Received on Tuesday, 27 April 1999 14:29:48 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 11:28:04 EDT