RE: I'll have salad with my key...

Steve's example is far from frivolous.

I spent a bit of time working through the issues surrounding putting
people's pictures in their certificate. I don't think it is acceptable for
privacy reasons, you need more control over who can access the image. XKMS
is a means to provide that control.

Of course this is out-a-scope at present except to the extent that there is
the necessary extensibility mechanism.


There are basically two ways to get extensibility in XML (that I am prepared
to talk about anyways). One is the ##any approach, the other is to use the
type extension (qua inheritance) mechanism.

Since we have no FINAL types (except perhaps KeyUsage if we want to make
absolutely sure there is no possibility of a non-repudiation bit), all the
types are extensible.


If we are going to go for extensibility we should seriously consider using
the SAML style inheritance.

		Phill



Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227


> -----Original Message-----
> From: Stephen Farrell [mailto:stephen.farrell@baltimore.ie]
> Sent: Tuesday, March 05, 2002 12:43 PM
> To: www-xkms@w3.org
> Subject: I'll have salad with my key...
> 
> 
> 
> Joseph worried:
> > The KeyBinding is not extensible, what if I want to query or return 
> > different trust semantics than those provided by XKMS?
> 
> Well, given that it contains a ds:KeyInfo and I can put my granny's
> photo in there, what more do we need?
> 
> Stephen.
> 
> -- 
> ____________________________________________________________
> Stephen Farrell         				   
> Baltimore Technologies,   tel: (direct line) +353 1 881 6716
> 39 Parkgate Street,                     fax: +353 1 881 7000
> Dublin 8.                mailto:stephen.farrell@baltimore.ie
> Ireland                             http://www.baltimore.com
>