W3C home > Mailing lists > Public > www-xkms@w3.org > August 2002

transaction specific policies

From: Daniel Ash <Daniel.Ash@identrus.com>
Date: Tue, 20 Aug 2002 08:39:37 -0400
Message-ID: <2B55DABB95C4D4119C1300508BD953F1A1AAE8@BLUE01>
To: "'www-xkms@w3.org '" <www-xkms@w3.org>
I'm trying to understand the best way to use XKISS in a particular
scenario.  one which is likely to be very common in the financial community.

The same key is used for multiple transaction-specific policies.  an example
of this type of policy is the European Signature policy.  liability models
will vary from one such policy to another.  considering the same key is
used, the trusted third party must me able to monitor liability exposure in
order effectively manage risks associated with the particular transaction
type/policy.  It also would need to make the statement: "this key is
valid/invalid for this type of transaction".

The options I'm aware of are: 
1.)  use a different XKISS service URL for each transaction type. 
2.)  extend the useWith element with custom transaction types. 

are there more options?  which is the most appropriate? 

Received on Tuesday, 20 August 2002 08:39:45 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:39 UTC