Re: Poll: Limiting KeyValue to a single Instance? from Carl Ellison on 2001-02-21 (w3c-ietf-xmldsig@w3.org from January to March 2001)

From: Carl Ellison <cme@acm.org>
Date: 21 Feb 2001 03:39:38 -0800
To: "TAMURA Kent" <kent@trl.ibm.co.jp>
Cc: reagle@w3.org, w3c-ietf-xmldsig@w3.org, kent@trl.ibm.co.jp, bal@microsoft.com, cwallace@erols.com
Message-Id: <3.0.5.32.20010221033938.009c39a0@spiritone.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 01:53 PM 2/21/01 +0900, TAMURA Kent wrote:
>
>In message "Re: Poll: Limiting KeyValue to a single Instance?"
>    on 01/02/20, "Joseph M. Reagle Jr." <reagle@w3.org> writes:
>> Carl indicated he'd like the KeyValue to refer to the validation key;
>> Brian  pointed out that this structure is already being used in other
>> contexts were  multiple instances are used.
>> 
>> Given this issue didn't command intense passions nor agreement I suppose
>> we  should stick with what we have: "a key that may be useful in
>> validating the  signature?" Kent, does this answer your question
>> satisfactorily?
>
>A KeyInfo element represents information about *a* key, doesn't it?
>
>4.4 The KeyInfo Element, 2nd paragraph:
>>> Multiple declarations within KeyInfo refer to the same key. 
>
>Multiple KeyValue elements in a KeyInfo element make no sense
>according to this sentence.  If one wants to transfer multiple
>keys at once, one should define container element, that includes
>multiple KeyInfo elements.

I can imagine the key info to back up use of a single key, not just the raw
key.  We already provide for a variety of certificate forms in KeyInfo.  If
you have certificates, you usually need one or more chains of them for the
end certificate to be useful.  You might even need multiple end certificates
on the same key.  For example, you might have my Intel key, with an X.509
certificate issued by Intel IT department and binding my World-Wide ID Number
to that key (WWID being Intel's only unique name for us) -- but in order to
make a security decision on the signed message in question, the DSig might
also need to contain an SPKI certificate (or certificate chain) whose (final)
subject is that key, empowering it in some way.

To me, that calls for multiple elements.

 - Carl

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQA/AwUBOpOo+XPxfjyW5ytxEQLkhgCgkIDRfm5G8lztclHCqcHcKr5yVhEAoM9s
+iZS52yPtIZQjAABAfBm2pt8
=/QMH
-----END PGP SIGNATURE-----

+------------------------------------------------------------------+
|Carl M. Ellison         cme@acm.org     http://world.std.com/~cme |
|    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+

Received on Wednesday, 21 February 2001 06:39:20 UTC