- From: Szabó Áron <baron@interware.hu>
- Date: Fri, 28 Feb 2003 10:23:35 +0100
- To: <w3c-ietf-xmldsig@w3.org>
- Message-ID: <007701c2df0b$11f999c0$0100a8c0@Server>
-----BEGIN PGP SIGNED MESSAGE----- I'm the student of Technical University of Budapest, my speciality is electronic signature and Public Key Infrastructures. Now I've been involved in a project in connection with semantic web (especially the layer of "trust" and XML signature). I don't know which mailing list should I add to the "To" field, but perhaps you can help me... I have read that the syntax of EDIFACT messages would be implemented in XML to have a general standard and then I have found the homepage of ebXML. I have already got the ISO 20625 standard (exact syntax of XML scheme files (XSD) based on EDIFACT) but somewhere it was written that this ISO standard would be expired if the ebXML project finished. My question: Which document (standard, recommendation etc.) should I download, buy etc. to be able to create (exact syntax and list of tags) - standardized - XSD files for a web shop (ebXML/EDIFACT (?) message with XML digital signature)? I've found the expression of "web of trust" in many documents, but it would seem - if I understand well - that it needs a direct contact between entities and is based on personal acquaintance (such as at Pretty Good Privacy - PGP), so it's good for mailing with friends, but not in a "trusted" worldwide usage. And on the other hand there is the model of Trusted Third Party (such as PKIs including CAs and RAs) where the main goal is for entities to be able to communicate in a "trusted" way worldwidely. My question: Will "web of trust" be based on Trusted Third Party model (PKI technology)? My other problem is the question of URI. In XML environment we identify objects by Uniform Resource Identifiers (URIs) but in the world of ASN.1 (ITU and ISO) in a long-standing system we use Object Identifiers (OIDs) based on ITU-T X.690 and ITU-T X.660 recommendations. So, now we use two identifiers to the same object. In the standard of XML signature (ETSI TS 101 903 - XAdES) I've noticed that this problem was solved by a new type of value: "OIDasURI" (and OID is used as the identifier). In the world of PKIs OIDs are used to identify objects (such as documents like CPS and CP)... My question: Will there be a translation between OIDs and URIs? Which will be preferred? Thanks for your answers! Aron Szabo Pretty Good Privacy - PGP user ID: Aron SZABO key ID: 0xAF06DC0B key type: RSA key size: 2048 e-mail address: baron@interware.hu You can download my public key from the following key servers: ldap://europe.keys.pgp.com:11370 http://pgpkeys.mit.edu:11371 ldap://keyserver.pgp.com -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQEVAwUBPl8qkzURd2evBtwLAQGjAgf/Z7luOJQnVFnC/4H08wEnuAGuOqk18ST/ goB4/EeK/uI45HPQeGh35Nquxq3geL1MaRLtJz0qYazUR+8D4Z8mT7YGK4dkUVfI tDSREKaVOumHxWc6VUh8p5msT0d+pohiOMz1/DpI+/n6Lz7I/nRSTsdPvMi378UA hK+cAEqbZnAH18Ld4OASc203NkEW2ciLTBfntmrFrfefIg9JFIbX2sT2IbyaDY5C KoS/5+KS5gVQj9j8ASPcemedD2JirXUHPe9ORQsab2lyHBdpMwbv592IF6ATXtpr tWyE8q64X8sql8V6L+jQuhir0baXuHVpTHqBsO+y3hMfVc4c0ej3DQ== =WUl+ -----END PGP SIGNATURE-----
Received on Friday, 28 February 2003 04:23:57 UTC