The X509Data Element clarification... from Donald E. Eastlake 3rd on 2001-02-13 (w3c-ietf-xmldsig@w3.org from January to March 2001)

From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
Date: Mon, 12 Feb 2001 21:57:16 -0500
To: w3c-ietf-xmldsig@w3.org
cc: lde008@dma.isg.mot.com
Message-Id: <200102130257.VAA0000003674@torque.pothole.com>

There have been some questions on what the X509IssuerSerial, X509SKI,
and X509SubjectName can refer to, how many of them there can be, etc.

Unless there is some objection, we will go with addition of the
following, or something close to it, to the spec:

All X509IssuerSerial, X509SKI, and X509SubjectName elements must refer
to certficiates with the validation key.  However, because you can
have multiple cetificates for the same key in the same X509Data
element, there may be multiple such elements referring to different
certificates or, of course, the same element.

Thanks,
Donald
=====================================================================
 Donald E. Eastlake 3rd                      dee3@torque.pothole.com
 155 Beaver Street                                +1 508-634-2066(h)
 Milford, MA 01757 USA                            +1 508-261-5434(w)

Received on Monday, 12 February 2001 21:57:27 UTC