- From: Stephen Farrell <stephen.farrell@baltimore.ie>
- Date: Mon, 03 Feb 2003 16:17:15 +0000
- To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
- CC: www-xkms@w3.org
Phill, "Hallam-Baker, Phillip" wrote: > > All, > > One of the issues that has been pointed out with the spec is > that it is not currently possible to serve static signed data. That is a > mjor problem as it means that XKMS is not as flexible as OCSP. I'm not so sure its a major problem, perhaps more of a feature:-) Don't you have an implicit public key certificate once the same response is sent out twice? Anyway, what'd prevent the application of two signatures, one covering the static data, the other (which can use an on-line, lower quality signing key) including the replay protection stuff? > The problem is the RequestID element in the result message that > has become required rather than optional. Stephen. -- ____________________________________________________________ Stephen Farrell Baltimore Technologies, tel: (direct line) +353 1 881 6716 39 Parkgate Street, fax: +353 1 881 7000 Dublin 8. mailto:stephen.farrell@baltimore.ie Ireland http://www.baltimore.com
Received on Monday, 3 February 2003 11:18:17 UTC