W3C home > Mailing lists > Public > www-xkms@w3.org > March 2002

RE: Issue: Server/Client key generation

From: Blair Dillaway <blaird@microsoft.com>
Date: Wed, 6 Mar 2002 15:51:23 -0800
Message-ID: <AA19CFCE90F52E4B942B27D42349637902CAC65D@red-msg-01.redmond.corp.microsoft.com>
To: "Mike Just" <Mike.Just@entrust.com>, "Hallam-Baker, Phillip" <pbaker@verisign.com>, <www-xkms@w3.org>
agree with Mike.  lets try to keep this as a single register request.

	-----Original Message-----
	From: Mike Just [mailto:Mike.Just@entrust.com] 
	Sent: Wednesday, March 06, 2002 7:06 AM
	To: 'Hallam-Baker, Phillip'; www-xkms@w3.org
	Subject: RE: Issue: Server/Client key generation
	
	

	Although I prefer the flatter structure with regard to avoiding
Types, I think that in this case, since we have a choice between either
client or server generated, I like the way it is defined now (i.e. as a
choice within a single register request).  (If we chose the other
option, we'd have to have two Reissue request elements as well, which
I'd prefer not to do.)

	Mike 

	-----Original Message----- 
	From: Hallam-Baker, Phillip [mailto:pbaker@verisign.com] 
	Sent: Tuesday, March 05, 2002 1:39 PM 
	To: www-xkms@w3.org 
	Subject: Issue: Server/Client key generation 



	Should we have separate requests for registering a server
generated key and 
	a client generated key? 

	Pro: Cleans up the specification and schema somewhat 

	Con: Might encourage applications to only support one mode, the
idea that 
	the client should be able to depend on the server for PKI
support is 
	somewhat weakened. 

	Of course it may be that it only makes sense for applications to
chose what 
	they support in this instance. Server generated keys typically
only make 
	sense in the context of key recovery, an XKMS service may
legitimately want 
	to avoid any contact with signing keys. 


	                Phill 


	Phillip Hallam-Baker FBCS C.Eng. 
	Principal Scientist 
	VeriSign Inc. 
	pbaker@verisign.com 
	781 245 6996 x227 

	
Received on Wednesday, 6 March 2002 18:51:58 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:15 GMT