OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

courtfiling-doc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: KeyInfo in XML DSig

In response to the question raised regarding referencing certificates in the
XML DSig KeyInfo element.

This element does allow for X509 certificates to be referced or included in
many ways, including by:
a) giving a URI in RetrievalMethod
b) including the certificate serial number in X509Data
c) including the whole certificate in X509Data

My preference would be (c) or if the full certificate was not included to
save space then the certificate serial number (b).  a) Is also possible as
was suggested, this however, I feel gives more opportunity for certificate
substitution.

Hope this helps.

Nick Pope
Mob: +44 (0) 777 567 2590

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]