- From: Richard D. Brown <rdbrown@Globeset.com>
- Date: Tue, 20 Jul 1999 15:06:40 -0500
- To: "'Peter Lipp (by way of \"Joseph M. Reagle Jr.\" <reagle@w3.org>)'" <Peter.Lipp@iaik.at>, "'IETF/W3C XML-DSig WG'" <w3c-ietf-xmldsig@w3.org>
Peter, > I was wondering if it did not make sense to combine those two > parts into > something like > > > <sig-alg AlgorithmName> > > <Alg-Info/> > > <KeyingInfo/> > > <sig-alg/> > Reason: Keyinginfo will most likely be highly dependent on Alg-Info. Not quite true. I can use any public-key signature algorithm and refer to the public key either by a KeyID (whose actual meaning could be left to the relying party) or the ISN of a certificate. Identification of the keying material is independent of the algorithm being used (in most circumstances). How we refer to the keying material is most likely dependent on the 'key and trust' management infrastructure in place. Sincerely, Richard D. Brown Software Architect - R&D Globeset, Inc. Austin, TX - U.S.
Received on Tuesday, 20 July 1999 16:07:12 UTC