RE: X509IssuerSerial alternatives in WS Security specification from Brian LaMacchia on 2010-09-14 (public-xmlsec@w3.org from September 2010)

From: Brian LaMacchia <bal@microsoft.com>
Date: Tue, 14 Sep 2010 19:26:42 +0000
To: Scott Cantor <cantor.2@osu.edu>, 'Pratik Datta' <pratik.datta@oracle.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <96C9A84DD4EEC3408DD1E6484974A8DE1F822E1E@TK5EX14MBXC122.redmond.corp.microsoft.>

Depends on how you define it, of course, but assuming you want an independent, reusable element you don't want to be constrained by having to ship an X509Data encapsulator around if you don't need it.  But I'll wait to see the specific language you propose.

					--bal  

-----Original Message-----
From: Scott Cantor [mailto:cantor.2@osu.edu] 
Sent: Tuesday, September 14, 2010 11:43 AM
To: Brian LaMacchia; 'Pratik Datta'; public-xmlsec@w3.org
Subject: RE: X509IssuerSerial alternatives in WS Security specification

> Not only should it be hash-agile, but it should probably support 
> multiple parallel hash values.

I think that's sufficiently addressed by the ability to include more than one in X509Data.

-- Scott

Received on Tuesday, 14 September 2010 19:41:01 UTC