W3C home > Mailing lists > Public > www-xkms@w3.org > December 2004

Re: NotBoundAuthentication

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Mon, 06 Dec 2004 13:49:27 +0000
Message-ID: <41B46367.9060403@cs.tcd.ie>
To: Guillermo � Rey <alvarorg@cs.tcd.ie>
Cc: Tommy Lindberg <tommy.lindberg@gmail.com>, XKMS WG <www-xkms@w3.org>


Tommy, Guillermo,

Not sure if the KeyName would be best there, since I'd rather
keep the key and auth-id names separate, but in any case,
there's Tommy's b64 idea or how about "secret+sfarrell@cs.tcd.ie"
(like people use to filter emails). I could also imagine using
(whatever's the official term for) a CGI parameter in the URI
itself ("http://www.cs.tcd.ie/secrets?u=sfarrell").

So, I'd say we're ok not to change the schema for this one -
there's enough flexibility for what is probably a corner case.

Stephen.

Guillermo Álvaro Rey wrote:

> El lun, 06-12-2004 a las 00:14, Tommy Lindberg escribió:
> 
>>/How is the shared secret "holder" in an NotBoundAuthentication intended to be
>>identified?/
>>
> 
> Hi Tommy,
> 
> I would say that the key name could be specified in the KeyInfo element 
> in the PrototypeKeyBinding, avoiding the need for a change in the schema 
> regarding NotBoundAuthentication.
> 
> Regards,
> - -Guillermo
> 
>>/Apart from altering the schema (adding a "Name" attribute) the only
>>reasonable option seems to be, to combine these two pieces of
>>information and include their base64 encoding in the Value attribute.
>>
>>For example, a protocol defined out of scope to XKMS and identified by the URI
>>urn:example-protocol:username-password specifies that the Value
>>attribute carries
>>a username/password pair separated by a ':'  would take the form of
>>the following
>>instance fragment
>>
>><NotBoundAuthentication 
>>    Protocol="urn:example-protocol:username-password"
>>    Value="YWxpY2U6c2VjcmV0"/>
>>
>>Regards
>>Tommy/
>>
Received on Monday, 6 December 2004 13:45:36 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:43 UTC