- From: Rich Salz <rsalz@datapower.com>
- Date: Wed, 05 Feb 2003 12:47:46 -0500
- To: fd <fd@despammed.com>
- CC: w3c-ietf-xmldsig@w3.org
> Rich, could you eleborate a little more what you mean for > "locally-configured" . If you intend something like pre-arranged trust > relashionship (I know him I trust his certificate or similar) how does > it fit in a web service world where services, their descriptions etc. > could be discovered dynamically ? That's what I mean. I do not believe that two random business organizations will find each other through a third-party directory and starting doing business. It will either be a closed trading organization (various marketplaces), a risk/trust service like Identrus, or similar. In which case, all parties will just have the root of their umbrella organization, and everyone will cache certs for the "Level 1" CA's as they find them. > IMHO trust is another thing that could be discovered and managed > dynamically, so isn't the 80/20 rule above too strict in a web services > world ? Only if you think it's gonna happen. I don't. At best, dynamic discovery will happen within the enterprise behind the firewall underneath a single trust domain. On the public Internet? Never. Who will assume the liability for (among other things) fraudelent identity? Loosely coupled, tightly contracted. /r$
Received on Wednesday, 5 February 2003 12:47:56 UTC