Re: Comments on XML-Signature S&P draft

     Response to 4.4.4 below.  The one possible issue in this area I know
of is whether there should be a restriction against placing more than one
certificate for the signer's key pair in this field, and I don't recall any
such restriction being agreed on (maybe I'm wrong).

          Tom Gindin

TAMURA Kent <> on 09/28/2000 09:26:59 PM

Sent by:

Subject:  Comments on XML-Signature S&P draft

Members of my group read the latest Canonical XML [1] and the
latest XML Signature [2].  The following are comments on [2]
from members.



4.4.4 The X509Data Element
  The specification does not describe how to include certificate
chain though certificate chain is used in the example.  In the
example, how does a signature application know which certificate
has a key to verify the signature?

[TG] The effective rule is that any certificate whose subject name matches
the issuer name of any of the other certificates included is a CA from one
of the included chains, and thus signature verification should only run on
the remaining certificates.  All of the remaining certificates (normally EE
certificates) should have the SAME public key, or they will confuse
verifiers.  Does anyone think there should be a restriction to only one EE
certificate?  Can anyone think of a way in which two EE certificates with
different keys can both be "related to that single key" in a KeyInfo?

Received on Friday, 29 September 2000 18:07:04 UTC