RE: DEREncodedKeyValue from Scott Cantor on 2009-10-07 (public-xmlsec@w3.org from October 2009)

From: Scott Cantor <cantor.2@osu.edu>
Date: Wed, 7 Oct 2009 10:15:33 -0400
To: "'Sean Mullan'" <Sean.Mullan@Sun.COM>, "'XMLSec WG'" <public-xmlsec@w3.org>
Message-ID: <053b01ca4758$a2400840$e6c018c0$@2@osu.edu>

Sean Mullan wrote on 2009-10-07:
> While working on the implementation of DEREncodedKeyValue [1], I am
> curious as to why we didn't define (or recommend that) this be a child
> element of the existing KeyValue element? We must have discussed this
> before but I don't remember. It would seem to be a better place for it,
> as it is intended to hold a single public key (same as a KeyValue) and
> it would fit nicely in the existing Java APIs for KeyValue, where the
> underlying DER encoding does not necessarily need to be exposed to the
> programmer.
> 
> [1]: http://www.w3.org/TR/xmldsig-core1/#sec-DEREncodedKeyValue

I had no strong feelings about it, but I think the original argument was
that KeyValue implied a key represented in an XML-structured fashion and
that this was different because it assumed ASN.1 support.

-- Scott

Received on Wednesday, 7 October 2009 14:16:32 UTC