W3C home > Mailing lists > Public > www-xkms@w3.org > May 2004

Re: minutes online ... 11 may, 2004 telecon

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Wed, 19 May 2004 14:40:56 +0100
Message-ID: <40AB63E8.4060003@cs.tcd.ie>
To: tommy lindberg <lindberg_tommy@hotmail.com>
Cc: www-xkms@w3.org


Hi Tommy,

> An XKMS service MAY indicate a key binding's validity interval using the
> <ValidityInterval> element as defined in 5.1.5 in [1].  This element has
> two attributes of type xsd:dateTime, NotBefore and NotOnOrAfter, both
> of which are optional.
> 
> I imagine the attributes are optional for the purpose of supporting the
> various flavors of PKI's mentioned in the specification.
> 
> The way the text in 5.1.5 is formulated permits an XKMS service to specify
> only one or neither of the boundary attributes even though their 
> counterparts
> exist in the underlying PKI.
> 
> I propose that a relying party ought to be assured to get both attributes
> when they exist in the underlying PKI.

What breaks if we don't do that? Not much I'd guess since the
RP has to be able to handle cases where stuff is missing. So I'd
rather not impose such a new requirement on a responder (or did
you mean something else by "be assured"?)

Stephen.
Received on Wednesday, 19 May 2004 09:38:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:42 UTC