- From: Paul Lambert <plambert@certicom.com>
- Date: Thu, 22 Apr 1999 11:56:51 -0700
- To: "Joseph M. Reagle Jr. (W3C)" <reagle@w3.org>
- cc: w3c-xml-sig-ws@w3.org
Joseph,
>We can't place restrictions on a syntax, ...
Humm ... how do we develop a standard without any restrictions? How can
we generate conformance tests?
I agree that we can not prevent extensions and should even encourage
flexibility, but we need to have some minimum syntax and some restrictions
on the ways the syntax is used. I believe this is just a matter of
specification approach and guidelines.
This restriction on syntax is one of the reasons I'm pushing on
differentiating the characteristics of a keyed hash versus public key
mechanisms. Keyed hash mechanisms require a Recipient Info field. Public
key techniques do not need to provide recipient unique information.
Paul
"Joseph M. Reagle Jr. (W3C)" <reagle@w3.org> on 04/22/99 06:41:22 AM
To: Paul Lambert/Certicom
cc: w3c-xml-sig-ws@w3.org
Subject: Re: Single Key in Originator Information
At 01:27 PM 4/21/99 -0700, Paul Lambert wrote:
>So, I propose that:
> XML digital signatures must carry only a single originator key or
>certificate.
I had a similar concern when I wrote the example, but I primarily wanted to
show the usefulness of RDF semantics. Regardless, how would you characterize
this type of restriction? We can't place restrictions on a syntax, so this
is an operational requirement on trust applications?
___________________________________________________________
Joseph Reagle Jr. W3C: http://www.w3.org/People/Reagle/
Policy Analyst Personal: http://web.mit.edu/reagle/www/
mailto:reagle@w3.org
Received on Thursday, 22 April 1999 15:05:02 UTC
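
The two restrictions discussed in this thread (only a single originator key or certificate; recipient information required for keyed-hash mechanisms but not for public-key ones) written as a conformance check. This is an added example, not part of the original messages: the element names, the `mechanism` attribute, the reading of "only a single" as "no more than one", and the sample documents are all assumptions, since the thread defines no concrete syntax.

```python
import xml.etree.ElementTree as ET

# All element and attribute names are hypothetical; the thread defines none.
KEYED_HASH, PUBLIC_KEY = "keyed-hash", "public-key"

def check_signature(xml_text):
    """Return the list of rule violations for one signature document."""
    # Constructed, trusted samples only; use a hardened parser (for example
    # defusedxml) before running a check like this on untrusted XML.
    root = ET.fromstring(xml_text)
    errors = []
    mechanism = root.get("mechanism")
    if mechanism not in (KEYED_HASH, PUBLIC_KEY):
        errors.append("unknown mechanism")
    # Rule 1 (proposal in the thread): only a single originator key or
    # certificate. Interpreted here as "no more than one".
    creds = [el for el in root.findall("OriginatorInfo/*")
             if el.tag in ("Key", "Certificate")]
    if len(creds) > 1:
        errors.append("multiple originator credentials")
    # Rule 2: a keyed hash is only checkable by a holder of the shared key,
    # so the document must say which recipient it was computed for.
    if mechanism == KEYED_HASH and root.find("RecipientInfo") is None:
        errors.append("keyed hash without RecipientInfo")
    return errors

# Constructed sample documents (not taken from the thread).
SAMPLES = {
    "pk_ok": '<Signature mechanism="public-key"><OriginatorInfo>'
             '<Certificate>c1</Certificate></OriginatorInfo></Signature>',
    "pk_two_creds": '<Signature mechanism="public-key"><OriginatorInfo>'
                    '<Key>k1</Key><Certificate>c1</Certificate>'
                    '</OriginatorInfo></Signature>',
    "mac_no_recipient": '<Signature mechanism="keyed-hash"><OriginatorInfo>'
                        '<Key>shared-1</Key></OriginatorInfo></Signature>',
    "mac_ok": '<Signature mechanism="keyed-hash"><OriginatorInfo>'
              '<Key>shared-1</Key></OriginatorInfo>'
              '<RecipientInfo>bob</RecipientInfo></Signature>',
}

if __name__ == "__main__":
    for name, doc in SAMPLES.items():
        print(name, check_signature(doc))
```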