Issue: Server/Client key generation from Hallam-Baker, Phillip on 2002-03-05 (www-xkms@w3.org from March 2002)

From: Hallam-Baker, Phillip <pbaker@verisign.com>
Date: Tue, 5 Mar 2002 10:38:36 -0800
To: www-xkms@w3.org
Message-ID: <2F3EC696EAEED311BB2D009027C3F4F4058699BA@vhqpostal.verisign.com>

Should we have separate requests for registering a server generated key and
a client generated key?

Pro: Cleans up the specification and schema somewhat

Con: Might encourage applications to only support one mode, the idea that
the client should be able to depend on the server for PKI support is
somewhat weakened.

Of course it may be that it only makes sense for applications to chose what
they support in this instance. Server generated keys typically only make
sense in the context of key recovery, an XKMS service may legitimately want
to avoid any contact with signing keys.


		Phill


Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227

Attachments

application/octet-stream attachment: Phillip_Hallam-Baker__E-mail_.vcf

Received on Tuesday, 5 March 2002 13:37:48 UTC