OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [dss] KeySelector/KeyInfo

In the discussion on the call yesterday I raised the question whether the KeySelector element could be used to support XKMS types of DSS servers. I understood that the discussion did not contemplate such a use for KeySelector. Rich' comment and Frederick's, not surprisingly, seem to favor it. I think that we need to flag this for further discussion, if that is the intent.

---------- Original Message ----------------------------------
From: <Frederick.Hirsch@nokia.com>
Date:  Tue, 21 Oct 2003 09:15:16 -0400

>+1
>
>regards, Frederick
> 
>Frederick Hirsch
>Nokia Mobile Phones
>
>
>
>
>> -----Original Message-----
>> From: ext Rich Salz [mailto:rsalz@datapower.com]
>> Sent: Monday, October 20, 2003 3:27 PM
>> To: Trevor Perrin
>> Cc: dss@lists.oasis-open.org
>> Subject: Re: [dss] KeySelector/KeyInfo
>> 
>> 
>> >     <KeySelector>
>> >         <ds:KeyInfo>
>> >             <ds:X509Data>...</ds:X509Data>
>> >         </ds:KeyInfo>
>> >     </KeySelector>
>> 
>> I also prefer this.  Verbosity doesn't both me -- we're talking about 
>> XML, and not only that, but mounds of base64-encoded strings.  Also, 
>> this lets future versions extend KeySelector, such as by letting the 
>> client include an ordered list of possible keys to use.  Or 
>> perhaps by 
>> including a SAML assertion that gives proof of right to use the key.
>> 	/r$
>> -- 
>> Rich Salz, Chief Security Architect
>> DataPower Technology                           
>> http://www.datapower.com
>> XS40 XML Security Gateway   
>> http://www.datapower.com/products/xs40.html
>> XML Security Overview  
>> http://www.datapower.com/xmldev/xmlsecurity.html
>> 
>> 
>> To unsubscribe from this mailing list (and be removed from 
>> the roster of the OASIS TC), go to 
>http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php.
>
>
>To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php.
>
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]