RE: Updated Requirements, 4-corner model from Daniel Ash on 2002-01-30 (www-xkms@w3.org from January 2002)

From: Daniel Ash <Daniel.Ash@identrus.com>
Date: Wed, 30 Jan 2002 17:07:36 -0500
To: "'Mike Just'" <Mike.Just@entrust.com>
Cc: "'www-xkms@w3.org'" <www-xkms@w3.org>
Message-ID: <2B55DABB95C4D4119C1300508BD953F134CC9B@BLUE01>

Regarding my previous comments, I am surprised that nobody but myself thinks
service location is necessary.  The basis of the 4-corner model is that the
signing party and the relying party are of different trust providers.  The
relying party (or in this case, the relying party's trust provider),
therefore, needs to know where to get status/trust information about the
signer.  I'm not sure how I will be able to implement XKMS at Identrus
without a means for service location... since the reason for Identrus'
existence is for interoperability between multiple trust providers.
Currently we use the Authority Information extension as prescribed in OCSP.
Will Identrus, or any other user group whose environment involves multiple
trust providers need to develop their own mechanism for service location?
 
-dan  

-----Original Message-----
From: Mike Just [mailto:Mike.Just@entrust.com]
Sent: Wednesday, January 30, 2002 4:28 PM
To: 'www-xkms@w3.org'
Cc: 'fjh@alum.mit.edu'; 'Shivaram.Mysore@sun.com'; Stephen Farrell (E-mail)
Subject: Updated Requirements - Jan 30, 2002



Here is the latest update to the XML Key Management Requirements document.
Thanks to Daniel, Krishna, Joseph, Mack, Rich, Sébastien, Stephen and Yassir
for their comments on the list and all who participated on the telecon last
week. 

We've hopefully addressed all comments, and additionally have tried to
re-group several sections and remove some redundancy so that the spec is
easier to read. 

When reviewing, among other things, please ensure your agreement with the
normative requirements since several MUSTs etc. have been added and
clarified (the previous draft wasn't consistent with capitalization and its
indication of normative and non-normative requirements).

In addition, we didn't notice any new or changed requirements arising from
the recent list discussion on the 4-corner model. It should be confirmed
that what we have now is satisfactory (at least for the first release of
XKMS).

Frederick and Mike 
<<xkms-req02_01_30.html>>

Received on Wednesday, 30 January 2002 17:08:12 UTC