Re: thy tiers might cease... from Joseph Reagle on 2002-03-07 (www-xkms@w3.org from March 2002)

From: Joseph Reagle <reagle@w3.org>
Date: Thu, 7 Mar 2002 17:35:29 -0500
To: Rich Salz <rsalz@zolera.com>
Cc: stephen.farrell@baltimore.ie, www-xkms@w3.org
Message-Id: <200203072235.RAA08486@tux.w3.org>

On Wednesday 06 March 2002 20:25, Rich Salz wrote:
> Locate:  get me the data from this location; make no comment (nor
> computation:) as to its quality.

Independent of a signature: does this mean that if the service returns the 
wrong data from a "locate", it's not responsible, or less responsible than 
a "validate"? I maintain that a client always wants accurate information.

Also, considering the signature remember it could be applied to a "locate" 
request because I want to ensure that the information returned to me has 
integrity. Are you saying it shouldn't? Remember, a signature applies a key 
to a some data so as to provide integrity, message authentication, and/or 
signer authentication.

> Validate:  Make a commitment as to the facts you state about the key.

What sort of commitment?

I'm proposing we clarify this muddle.

1. Get rid of the ambiguous "validate" form of a request and state that the 
semantic of an XKMS request is "please send me an accurate response to the 
specified query about a *single* key." And a number of things can be 
requested:
A. KeyInfo information
B. "Trust Information" (like the nature of the key binding, validity 
interval, etc.)
C. An XML Signature over that information. 

This allows the client to ask for KeyInfo but not have it signed, to ask 
for KeyInfo but have it signed, same with the trust information. 
Subsequently, if a client asks for a "validate" without a signature one 
could use the Failure to state the service is not willing to make that sort 
of statement without integrity protection. For example:

The actual request would look lie:

    <Query>
      <Where>
        <ds:KeyName>Joseph</ds:KeyName>
      </Where>
      <Respond>
        <xkms:Status/>
        <ds:KeyInfo>
          <ds:KeyName/>
          <ds:KeyValue/>
        </ds:KeyInfo>
        </ds:Signature>
      </Respond>
    </Query>

and the response would include xkms:Status elements, ds:KeyInfo with the 
ds:KeyName and ds:KeyValue, and a Signature signing the whole of that 
response.

-- 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Thursday, 7 March 2002 17:35:32 UTC