RE: minutes online ... 11 may, 2004 telecon from tommy lindberg on 2004-05-19 (www-xkms@w3.org from May 2004)

From: tommy lindberg <lindberg_tommy@hotmail.com>
Date: Wed, 19 May 2004 13:17:07 +0000
To: www-xkms@w3.org
Message-ID: <BAY12-F47askjeo4lB4000216f1@hotmail.com>

An XKMS service MAY indicate a key binding's validity interval using the
<ValidityInterval> element as defined in 5.1.5 in [1].  This element has
two attributes of type xsd:dateTime, NotBefore and NotOnOrAfter, both
of which are optional.

I imagine the attributes are optional for the purpose of supporting the
various flavors of PKI's mentioned in the specification.

The way the text in 5.1.5 is formulated permits an XKMS service to specify
only one or neither of the boundary attributes even though their 
counterparts
exist in the underlying PKI.

I propose that a relying party ought to be assured to get both attributes
when they exist in the underlying PKI.

Any thoughts on this?

Regards
Tommy

_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. 
http://join.msn.com/?page=features/virus

Received on Wednesday, 19 May 2004 09:18:17 UTC