- From: Dournaee, Blake <bdournaee@rsasecurity.com>
- Date: Tue, 12 Jun 2001 00:59:52 -0700
- To: "'Joseph M. Reagle Jr.'" <reagle@w3.org>
- Cc: w3c-ietf-xmldsig@w3.org
The list seems dead lately. Allow me to throw out a question here :) I have been reading section 4.4.4 regarding the restrictions on the grouping of the <X509Data> elements. The trivial restriction (e.g. X509IssuerSerial, X509SKI, and X509SubjectName, if used, all must point to the same public key) makes sense, but I am pondering the restrictions about how one can group these elements in separate <X509Data> elements. The recommendation currently says that if all such certificate identifiers (e.g. X509IssuerSerial, X509SKI, and X509SubjectName), point to the same certificate, they must be grouped together. Is this restriction simply to prevent redundancy of the semantics of <X509Data> elements? What is the purpose behind this? Thanks, Blake Dournaee Toolkit Applications Engineer RSA Security "The only thing I know is that I know nothing" - Socrates
Received on Tuesday, 12 June 2001 03:57:29 UTC