
dss message



Subject: Re: [dss] KeySelector/KeyInfo


> But I thought that was Rich's point which Frederick applauded:
> that KeySelector could also be used as a way of conveying information
> about the individual key. Did I misunderstand something?

I don't think so.  My point was that you define KeySelector as a 
container, and allow it to have a dsig:KeyInfo as one of the child types 
-- perhaps the only child type -- currently defined.

Doing it this way allows future revisions (or private versions) to put 
in other material as a KeySelector.  We won't have to change the schema; 
it's future-proofing.  One could imagine, for example, using the XML 
common biometric stuff to tell the DSS server which key to use.

In XML Schema:
     <xs:element name="KeySelector">
       <xs:complexType>
         <xs:choice>
           <xs:element ref="dsig:KeyInfo"/>
           <xs:any namespace="##other" processContents="lax"/>
         </xs:choice>
       </xs:complexType>
     </xs:element>


-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html
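
How a receiver could apply the content model sketched in this message, as an added example that is not part of the original post or of the DSS specification: it accepts exactly one child, either dsig:KeyInfo or an element from a foreign namespace, and rejects everything else. The target namespace urn:example:dss, the biometric namespace and the sample documents are constructed placeholders.

```python
import xml.etree.ElementTree as ET

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"
DSS_NS = "urn:example:dss"  # assumption: placeholder for the schema's target namespace

# Constructed sample inputs (not taken from the mailing list thread).
KEYINFO_SAMPLE = (
    '<KeySelector xmlns="urn:example:dss" xmlns:dsig="' + DSIG_NS + '">'
    "<dsig:KeyInfo><dsig:KeyName>signing-key-1</dsig:KeyName></dsig:KeyInfo>"
    "</KeySelector>"
)
EXT_SAMPLE = (
    '<KeySelector xmlns="urn:example:dss">'
    '<b:Template xmlns:b="urn:example:biometric"/></KeySelector>'
)
SAME_NS_SAMPLE = '<KeySelector xmlns="urn:example:dss"><Other/></KeySelector>'


def split_tag(tag):
    """Split ElementTree's '{namespace}local' tag form into (namespace, local)."""
    if tag.startswith("{"):
        ns, local = tag[1:].split("}", 1)
        return ns, local
    return "", tag


def classify_key_selector(xml_text):
    """Return ('keyinfo', child) or ('extension', child); raise ValueError otherwise."""
    root = ET.fromstring(xml_text)
    if split_tag(root.tag) != (DSS_NS, "KeySelector"):
        raise ValueError("not a KeySelector element")
    children = list(root)
    if len(children) != 1:
        raise ValueError("xs:choice allows exactly one child element")
    if (root.text or "").strip() or (children[0].tail or "").strip():
        raise ValueError("character data is not allowed in KeySelector")
    child = children[0]
    ns, local = split_tag(child.tag)
    # The explicitly referenced element is checked before the wildcard.
    if (ns, local) == (DSIG_NS, "KeyInfo"):
        return "keyinfo", child
    # namespace="##other": any namespace except the target namespace;
    # unqualified (no-namespace) elements do not match.
    if ns and ns != DSS_NS:
        return "extension", child
    raise ValueError("child element is not permitted by the ##other wildcard")
```

Because processContents="lax" lets unrecognized extension content pass schema validation, a caller that receives 'extension' for a namespace it does not implement should refuse the request rather than fall back to a default key.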


