W3C home > Mailing lists > Public > www-xkms@w3.org > January 2002

Re: Question about Locate Service

From: Stephen Farrell <stephen.farrell@baltimore.ie>
Date: Fri, 18 Jan 2002 16:04:29 +0000
Message-ID: <3C48478D.7EA4C410@baltimore.ie>
To: Yassir Elley - Sun Microsystems <Yassir.Elley@Sun.COM>
CC: www-xkms@w3.org

Yassir,

I can see two functions that locate can perform. The one you mention:

> I could understand if the client asked the Locate service to return an
> X509 certificate or chain of certificates, and then the client did the
> validation himself. Is that the intended usage of the Locate service?

one variant of which is called DPD in the IETF PKIX context and secondly
I can also imagine a client using a locate on a name, getting a (set of)
KeyInfo elements, picking one, and then doing a validate (say prior to
encryption). I'm not sure if others are considering this latter case, 
but I think it might be useful.

Stephen.

-- 
____________________________________________________________
Stephen Farrell         				   
Baltimore Technologies,   tel: (direct line) +353 1 881 6716
39 Parkgate Street,                     fax: +353 1 881 7000
Dublin 8.                mailto:stephen.farrell@baltimore.ie
Ireland                             http://www.baltimore.com
Received on Friday, 18 January 2002 11:03:43 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:38 UTC