comment from Yassir Elley on 2001-11-16 (www-xkms-ws@w3.org from November 2001)

From: Yassir Elley <yassir.elley@sun.com>
Date: Fri, 16 Nov 2001 16:18:56 -0500
To: www-xkms-ws@w3.org
Message-ID: <3BF582C0.C61C990E@sun.com>

Bullet 2.1.12 states that the underlying PKI should be transparent to the
client. Does this mean that an X-KISS client will be unable to take advantage
of mechanisms specific to a particular underlying PKI? For example, if the
underlying PKI is X.509, the X.509 certificate validation algorithm uses trust anchor
and certificate policy information as inputs. How does the X-KISS Validate service
know which trust anchors and certificate policies to use when building a validated chain of X.509
certificates on behalf of a certain client?

-Yassir

Received on Friday, 16 November 2001 16:21:18 UTC