Re: NotBoundAuthentication

From: Jose Kahan <jose.kahan@w3.org>
Date: Thu, 20 Jan 2005 19:53:26 +0100
To: Tommy Lindberg <tommy.lindberg@gmail.com>
Cc: www-xkms@w3.org
Message-ID: <20050120185326.GD1613@inrialpes.fr>

I added this thread as issue 329-tl.


On Mon, Dec 06, 2004 at 02:22:00PM +0000, Tommy Lindberg wrote:
> > Not sure if the KeyName would be best there,
> I second that. It seems to me that the KeyInfo in the
> PrototypeKeyBinding is intended to communicate information to be bound
> to the key pair being registered.
> > So, I'd say we're ok not to change the schema for this one -
> > there's enough flexibility for what is probably a corner case.
> I am of the same opinion.
> > Tommy's b64 idea
> I can't take credit for the b64 part - this is a schema requirement
> :).  My example is deliberately simplified to illustrate a point - I
> imagine you can throw anything in there; some DER, a bit of XML etc.
> I think the prose could be clearer:
> - while the schema allows for NotBoundAuthentication to be used in any
> XKRSS message section 7.1.3 paragraph says that NotBoundAuthentication
> is for registration only.
> - section 7.1.5 paragraph [296] makes liberal use of the phrase
> "limited use shared secret"; I don't like the innuendo of that and
> suggest that replacing this with simply "authentication data" would be
> more appropriate.  Sure, using a limited use shared secret even as per
> section 8.1 may well be part of the Protocol, but this is specified by
> the Protocol and therefore out of scope in this spec.

Received on Thursday, 20 January 2005 18:54:02 UTC