- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Mon, 06 Dec 2004 13:49:27 +0000
- To: Guillermo � Rey <alvarorg@cs.tcd.ie>
- Cc: Tommy Lindberg <tommy.lindberg@gmail.com>, XKMS WG <www-xkms@w3.org>
Tommy, Guillermo,
Not sure if the KeyName would be best there, since I'd rather
keep the key and auth-id names separate, but in any case,
there's Tommy's b64 idea or how about "secret+sfarrell@cs.tcd.ie"
(like people use to filter emails). I could also imagine using
(whatever's the official term for) a CGI parameter in the URI
itself ("http://www.cs.tcd.ie/secrets?u=sfarrell").
So, I'd say we're ok not to change the schema for this one -
there's enough flexibility for what is probably a corner case.
Stephen.
Guillermo Álvaro Rey wrote:
> El lun, 06-12-2004 a las 00:14, Tommy Lindberg escribió:
>
>>/How is the shared secret "holder" in an NotBoundAuthentication intended to be
>>identified?/
>>
>
> Hi Tommy,
>
> I would say that the key name could be specified in the KeyInfo element
> in the PrototypeKeyBinding, avoiding the need for a change in the schema
> regarding NotBoundAuthentication.
>
> Regards,
> - -Guillermo
>
>>/Apart from altering the schema (adding a "Name" attribute) the only
>>reasonable option seems to be, to combine these two pieces of
>>information and include their base64 encoding in the Value attribute.
>>
>>For example, a protocol defined out of scope to XKMS and identified by the URI
>>urn:example-protocol:username-password specifies that the Value
>>attribute carries
>>a username/password pair separated by a ':' would take the form of
>>the following
>>instance fragment
>>
>><NotBoundAuthentication
>> Protocol="urn:example-protocol:username-password"
>> Value="YWxpY2U6c2VjcmV0"/>
>>
>>Regards
>>Tommy/
>>
Received on Monday, 6 December 2004 13:45:36 UTC