- From: Carl Ellison <cme@jf.intel.com>
- Date: Wed, 12 Jul 2000 10:56:48 -0700
- To: tgindin@us.ibm.com
- Cc: Yoshiaki KAWATSURA <kawatura@bisd.hitachi.co.jp>, bal@microsoft.com, w3c-ietf-xmldsig@w3.org, kawatura@bisd.hitachi.co.jp
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 12:56 PM 7/12/2000 -0400, tgindin@us.ibm.com wrote:
> My proposal was that certificates be permitted in KeyInfo only if they
>were certificates for the signing key or members of a chain FOR that
>certificate. A chain for a CA certificate extends upwards from that CA
>certificate, but not downwards - it's not the same thing as a chain
>containing that CA certificate. Thus if a CA is permitted to sign an XML
>document the set of certificates for that document may not contain any EE
>certificates. Do we need to add that if a CA signed the document, KeyInfo
>may not contain any certificates issued by that CA?

This sounds overly complex to me.

If someone tries sending four million certificates, because he happens to
have that many in his local cache, I assume netiquette folks will pounce on
him immediately.

If someone sends the certificates a DSig verifier needs, plus two others
that are completely irrelevant to the DSig verification process, then there
has been a small waste of bandwidth, but the verification code better not be
so fragile that it gets confused by the extraneous information.

- Carl

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

iQA/AwUBOWyxX8xqBGb+WvJAEQK5GQCfdySGFpZjn7Vhycv7IN3S75CeW7UAn1Nh
HJQM4E8KfIkIRTToAzgszqwL
=V2km
-----END PGP SIGNATURE-----

+--------------------------------------------------------+
|Carl Ellison         Intel        E: cme@jf.intel.com   |
|2111 NE 25th Ave M/S JF3-212      T: +1-503-264-2900    |
|Hillsboro OR 97124                F: +1-503-264-6225    |
|PGP Key ID: 0xFE5AF240            C: +1-503-819-6618    |
| 1FDB 2770 08D7 8540 E157 AAB4 CC6A 0466 FE5A F240      |
+--------------------------------------------------------+

Received on Wednesday, 12 July 2000 13:57:08 UTC
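
An added example, not part of the original message or of any XML-DSig implementation: a verifier-side path builder that walks upwards from the signing key through an unordered KeyInfo bag, so extraneous certificates are ignored and an oversized bag is rejected. The `Cert` record, the key ids, `MAX_CERTS` and the sample bag are constructed assumptions; matching is by name and key id only, and a real verifier must also check each certificate's signature, validity period and constraints.

```python
from typing import NamedTuple, Optional, Sequence, Set, Tuple, List

class Cert(NamedTuple):
    subject: str
    issuer: str
    key_id: str          # identifies the subject's public key
    issuer_key_id: str   # identifies the key that signed this certificate

MAX_CERTS = 64  # hypothetical cap: refuse absurdly large KeyInfo bags up front

def build_chain(signing_key_id: str,
                key_info: Sequence[Cert],
                trust_anchors: Set[Tuple[str, str]]) -> Optional[List[Cert]]:
    """Return the path from the signing key's certificate up to a trust
    anchor (given as (name, key_id) pairs), or None if no path exists.
    Certificates that are not on the path are never consulted further."""
    if len(key_info) > MAX_CERTS:
        raise ValueError("too many certificates in KeyInfo")

    def climb(cert: Cert, path: List[Cert]) -> Optional[List[Cert]]:
        path = path + [cert]
        if (cert.issuer, cert.issuer_key_id) in trust_anchors:
            return path
        for parent in key_info:
            if (parent.subject == cert.issuer
                    and parent.key_id == cert.issuer_key_id
                    and parent not in path):      # guard against issuer loops
                found = climb(parent, path)
                if found:
                    return found
        return None                               # dead end: backtrack

    for cert in key_info:
        if cert.key_id == signing_key_id:
            found = climb(cert, [])
            if found:
                return found
    return None

# Constructed sample bag: two needed certificates plus two irrelevant ones.
ANCHORS = {("Root CA", "k-root")}
BAG = [
    Cert("Unrelated", "Other CA", "k-unrel", "k-otherca"),
    Cert("Issuing CA", "Root CA", "k-ca", "k-root"),
    Cert("Other EE", "Issuing CA", "k-other", "k-ca"),
    Cert("Signer", "Issuing CA", "k-signer", "k-ca"),
]
```

When the signing key is the CA's own key (`k-ca`), the walk only goes upwards, so the end-entity certificates issued by that CA are simply left out of the result.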