- From: Carl Wallace <cwallace@erols.com>
- Date: Mon, 13 Mar 2000 19:31:32 -0500
- To: "Barb Fox" <bfox@EXCHANGE.MICROSOFT.com>, "dsig" <w3c-ietf-xmldsig@w3.org>
- Cc: <pmhesse@cygnacom.com>
Received on Monday, 13 March 2000 19:31:49 UTC
Barb,

Thanks to Brian's comments I understand now the idea is for KeyInfo to serve as a "hint" and little/nothing more. However, I still fail to see where KeyValue provides anything in the way of "base interoperability" where a PKI application receives a key via KeyValue from a non-PKI application and thus fail to see why KeyValue is required. It seems only to provide enough interoperability for a non-PKI application to deliver a key that cannot be validated to a PKI application. Without clarification in the text as to the intent, I believe the structures provide too much of an invitation to be used in a manner not consistent with the intent.

As for the DSA parameters, since using them directly from a KeyValue is not the idea, why mandate their inclusion? Certainly there would be no harm in relaxing the requirement that every KeyValue include them; a simple minOccurs=0 seems appropriate. It would definitely save many bits spent on information that's really more nice to have than necessary for many/most implementations.

-Carl