Joseph remembered something: > I presume the query is conjunctive: all MUST match for a return. > What about the Respond? If the only some of the requested data can > be returned for the matched key, I assume they will be returned. I > presume the respond is disjunctive: all data that can be returned > will be. I believe that thinking of this as a simple protocol and > a simple query/lookup will be important to the design and its > security, we should probably look at the literature on securely > designing database queries. I'd agree that we should be clear (and explicit!) about con/dis-junction. However, (and this IMO is a big point) I don't think we're doing a general secure db lookup, I think of this as key management, and in particular, I think that xkms is only useful if it can sit in front of e.g. an x.509 or pgp pki. I can't see that you could map a general db lookup to those infrastructures in any sensible way. Definitely one where we need concensus. Stephen. -- ____________________________________________________________ Stephen Farrell Baltimore Technologies, tel: (direct line) +353 1 881 6716 39 Parkgate Street, fax: +353 1 881 7000 Dublin 8. mailto:stephen.farrell@baltimore.ie Ireland http://www.baltimore.comReceived on Tuesday, 5 March 2002 13:08:25 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:15 GMT