Re: KeyInfo interoperability

I then attach, for your pleasure, an archive containing a few
signatures that exercise:

  KeyName RetrievalMethod[rawX509Certificate] X509Certificate
  X509SubjectName X509SKI X509IssuerSerial X509CRL

Instructions for validating these are provided in an enclosed
Readme.txt.

We've exercised DSAKeyValue and RSAKeyValue often, and I think
we agree that MgmtData is reasonably safe. I'm afraid that I
cannot, however, accomodate PGP and SPKI data in the time
available to me.

If anyone can validate any or all of these, that would be
great. They seem to work for me, but I often break things
badly.

Merlin

r/dee3@torque.pothole.com/2001.05.09/23:19:51
>I believe that in cases where the XMLDSIG standard specifies
>particular grandchildren of KeyInfo, such as X509Certificate,
>PGPKeyPacket, or SPKISexp and there has not been any interoperability
>demonstrated, we may have to move that part of the spec to the
>Additional URIs document or to an appendix. The situation is less
>clear for KeyInfo children that really just reserve a slot for
>something pretty much undefined, like MgmtData. I'm not sure we need
>to demonstrate anything there.
>
>Thanks,
>Donald


-----------------------------------------------------------------------------
Baltimore Technologies plc will not be liable for direct,  special,  indirect 
or consequential  damages  arising  from  alteration of  the contents of this
message by a third party or as a result of any virus being passed on.

In addition, certain Marketing collateral may be added from time to time to
promote Baltimore Technologies products, services, Global e-Security or
appearance at trade shows and conferences.

This footnote confirms that this email message has been swept by
Baltimore MIMEsweeper for Content Security threats, including
computer viruses.
   http://www.baltimore.com