Re: Fallback flow for /site-meta for top level domains

On Wed, Dec 3, 2008 at 9:38 AM, Eran Hammer-Lahav <eran@hueniverse.com> wrote:
> -----Original Message-----
>> From: Breno de Medeiros [mailto:breno@google.com]
>> Sent: Wednesday, December 03, 2008 9:33 AM
>>
>> However, from what I have been hearing, the current proposal does not
>> plan for signing of site-meta, and the links pointed to by it will
>> have to carry implicit trust (maybe they will be signed documents, or
>> maybe they are just informative).
>
> /site-meta will certainly support signatures, the open question is where to specify that mechanism. I think this will get resolved in the larger context of what building blocks we end up using
> for the end-to-end discovery protocol. We are arguing about what functionality belongs in which spec, not if the functionality itself is needed.

This is not completely apparent from the way the pieces are being
discussed in different settings. If site-meta is to support
signatures, then how the signature fits in probably should live on the
site-meta spec (even if it points to a signature scheme defined
elsewhere, or leaves the actual signature mechanism unspecified).


>
> EHL
>



-- 
--Breno

+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)

Received on Wednesday, 3 December 2008 17:45:44 UTC