Re: NotBoundAuthentication

I added this thread as issue 329-tl.

-jose

On Mon, Dec 06, 2004 at 02:22:00PM +0000, Tommy Lindberg wrote:
> 
> > Not sure if the KeyName would be best there,
> 
> I second that. It seems to me that the KeyInfo in the
> PrototypeKeyBinding is intended to communicate information to be bound
> to the key pair being registered.
> 
> > So, I'd say we're ok not to change the schema for this one -
> > there's enough flexibility for what is probably a corner case.
> 
> I am of the same opinion.
> 
> > Tommy's b64 idea
> I can't take credit for the b64 part - this is a schema requirement
> :). My example is deliberately simplified to illustrate a point - I
> imagine you can throw anything in there; some DER, a bit of XML etc.
> 
> I think the prose could be clearer:
> - while the schema allows for NotBoundAuthentication to be used in any
> XKRSS message, section 7.1.3 paragraph says that NotBoundAuthentication
> is for registration only.
> 
> - section 7.1.5 paragraph [296] makes liberal use of the phrase
> "limited use shared secret"; I don't like the innuendo of that and
> suggest that replacing this with simply "authentication data" would be
> more appropriate. Sure, using a limited use shared secret even as per
> section 8.1 may well be part of the Protocol, but this is specified by
> the Protocol and therefore out of scope in this spec.

Received on Thursday, 20 January 2005 18:54:02 UTC