- From: Richard D. Brown <rdbrown@GlobeSet.com>
- Date: Thu, 22 Apr 1999 13:48:17 -0500
- To: "'Alan Kotok'" <kotok@w3.org>, <dee3@us.ibm.com>
- Cc: <w3c-xml-sig-ws@w3.org>
Granted :-) Richard D. > -----Original Message----- > From: w3c-xml-sig-ws-request@w3.org > [mailto:w3c-xml-sig-ws-request@w3.org]On Behalf Of Alan Kotok > Sent: Thursday, April 22, 1999 12:46 PM > To: dee3@us.ibm.com > Cc: w3c-xml-sig-ws@w3.org > Subject: Re: Avoid ASN.1 Re: XML versus ASN.1/DER blob > > > While I know I am on the heretical fringe here, I would like > whatever we do > in this activity to allow for public key bindings to be > conveyed in other > than X.509 certificates. Before you start shooting, let me > assure you that > I want to accomodate them, too. But I personally find the > ideas in the > SDSI/SPKI approach to be very attractive, and someday I'd > like to see those > ideas implemented in an RDF syntax. > > After all, as has been stated on this list, trust in a public > key-based > signature is gained through attestation by a known, trusted > party that said > key should be trusted for the purpose to which it is being > used. Since > there are many reasons one would want to trust a key other > than identity > (like affiliation, for example), a set of RDF assertions > signed by the 3rd > party can well convey the desired information. But I am not > proposing to > develop such a new "certificate" standard here. I am > proposing that we > recognize that ASN.1 is not at the core of this technology, and that > whatever we do accomodates a wide set of authentication means. > > Alan > ______________________________________________________________ > _____________ > Alan Kotok, Associate Chairman mailto:kotok@w3.org World Wide Web Consortium http://www.w3.org MIT Laboratory for Computer Science, 545 Technology Square, Room NE43-409 Cambridge, MA 02139, USA Voice: +1-617-258-5728 Fax: +1-617-258-5999
Received on Thursday, 22 April 1999 14:48:08 UTC