- From: Stephen Farrell <stephen.farrell@baltimore.ie>
- Date: Tue, 05 Mar 2002 18:08:26 +0000
- To: www-xkms@w3.org
Joseph remembered something: > I presume the query is conjunctive: all MUST match for a return. > What about the Respond? If the only some of the requested data can > be returned for the matched key, I assume they will be returned. I > presume the respond is disjunctive: all data that can be returned > will be. I believe that thinking of this as a simple protocol and > a simple query/lookup will be important to the design and its > security, we should probably look at the literature on securely > designing database queries. I'd agree that we should be clear (and explicit!) about con/dis-junction. However, (and this IMO is a big point) I don't think we're doing a general secure db lookup, I think of this as key management, and in particular, I think that xkms is only useful if it can sit in front of e.g. an x.509 or pgp pki. I can't see that you could map a general db lookup to those infrastructures in any sensible way. Definitely one where we need concensus. Stephen. -- ____________________________________________________________ Stephen Farrell Baltimore Technologies, tel: (direct line) +353 1 881 6716 39 Parkgate Street, fax: +353 1 881 7000 Dublin 8. mailto:stephen.farrell@baltimore.ie Ireland http://www.baltimore.com
Received on Tuesday, 5 March 2002 13:08:25 UTC