- From: tommy lindberg <lindberg_tommy@hotmail.com>
- Date: Fri, 09 Jul 2004 14:36:34 +0000
- To: jose.kahan@w3.org
- Cc: www-xkms@w3.org
Jose - I guess the namespace change is required by the W3C process? >I don't know if current implementations are using RSAKeyValue or >RSAKeyPair. Have people used the schema or the spec itself >when defining their service? Both the schema and the spec have the same issue. >I am not sure if this element is only used when doing an X-KRSS >recover operation or if it can be used elsewhere. Maybe when >generating or registrering a key. As you say, RecoverResult uses it. It also has optional use in RegisterResult in the case where the service generates the key pair. >What do actual implementations do now? My code base is fairly agile in this respect and switching between the two is not a big issue. My development "branch" uses the updated schema. My XKISS test site uses the old schema. >-- How will this change existing test cases? Assuming you mean sample messages, they all need to be redone, which is also true for the spec examples. There is some work to be done in these areas anyway e.g. I discovered some issues with some of my samples. Regards Tommy >From: Jose Kahan <jose.kahan@w3.org> >Reply-To: jose.kahan@w3.org >To: www-xkms@w3.org >Subject: Re: RSAKeyPair/RSAKeyValue issue >Date: Thu, 8 Jul 2004 20:45:09 +0200 > > >Hi, > >Per my action item, I consulted with my colleagues how to make >the schema change. As I suspected it requires more verification >from our side. More precisely, quoting Dan Connolly's message: > >--- >The answer depends on real-world data about which design >is more widely deployed and what it costs (outside the WG >as well as inside) to change it. >--- > >We need to estimate what has been implemented and >what are the consequences of making this change, will it change >existing implementations and how much, how easy it will be for other >people to adopt the change. > >If we can't give this estimation, we have to make this change in a way >that's fair to existing implementations. If it's too expensive, >we may opt to keep xkms:RSAKeyValue then. > >You'll find here below a summary of the issues. > >Please send your feedback as to whether this change will break >your implementation > >-- What is the proposed change (from Tommy's mail) > >The spec refers to xkms:RSAKeyPair to communicate the public and >private parts of an RSA key (section 6.4), but the schema and >the examples use xkms:RSAKeyValue. Tommy and Stephen propose to make the >change to xkms:RSAKeyPair as it makes more sense and this removes >any possible confusion with ds:RSAKeyValue. > >-- What do actual implementations do now? > >I don't know if current implementations are using RSAKeyValue or >RSAKeyPair. Have people used the schema or the spec itself >when defining their service? > >I am not sure if this element is only used when doing an X-KRSS >recover operation or if it can be used elsewhere. Maybe when >generating or registrering a key. > >-- How will this change existing test cases? > >-- What we will do if some peple say yes and some say no to this change? > >-- Do the resulting implementations interoperate? > >--- What are the failure modes? clearly reported errors > or subtle security bugs? > >-- Who's likely to say yes? Who's likely to say no? > > >-jose > _________________________________________________________________ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
Received on Friday, 9 July 2004 10:37:06 UTC