- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Thu, 05 Oct 2000 16:35:52 -0400
- To: tgindin@us.ibm.com
- Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Ok, so I've tweaked that section as follows: 4.4.4 The X509Data Element ... An X509Data element within KeyInfo contains one or more identifiers of keys or X509 certificates (or certificates' identifiers or revocation lists). Five types of X509Data are defined 1. The X509IssuerSerial element, which contains an X.509 issuer distinguished name/serial number pair that SHOULD be compliant with RFC2253 [LDAP-DN], 2. The X509SubjectName element, which contains an X.509 subject distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN], 3. The X509SKI element, which contains an X.509 subject key identifier value. 4. The X509Certificate element, which contains a Base64-encoded [X509v3] certificate, and 5. The X509CRL element, which contains a Base64-encoded certificate revocation list (CRL) [X509v3]. ... REFERENCES ... [X509v3] ITU-T Recommendation X.509 version 3 (1997). "Information Technology - Open Systems Interconnection - The Directory Authentication Framework" ISO/IEC 9594-81997. __ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Thursday, 5 October 2000 16:36:02 UTC