transaction specific policies from Daniel Ash on 2002-08-20 (www-xkms@w3.org from August 2002)

From: Daniel Ash <Daniel.Ash@identrus.com>
Date: Tue, 20 Aug 2002 08:39:37 -0400
To: "'www-xkms@w3.org '" <www-xkms@w3.org>
Message-ID: <2B55DABB95C4D4119C1300508BD953F1A1AAE8@BLUE01>

I'm trying to understand the best way to use XKISS in a particular
scenario.  one which is likely to be very common in the financial community.

The same key is used for multiple transaction-specific policies.  an example
of this type of policy is the European Signature policy.  liability models
will vary from one such policy to another.  considering the same key is
used, the trusted third party must me able to monitor liability exposure in
order effectively manage risks associated with the particular transaction
type/policy.  It also would need to make the statement: "this key is
valid/invalid for this type of transaction".

The options I'm aware of are: 
1.)  use a different XKISS service URL for each transaction type. 
2.)  extend the useWith element with custom transaction types. 

are there more options?  which is the most appropriate? 

-dan 
Identrus

Received on Tuesday, 20 August 2002 08:39:45 UTC