[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Passing URLs
Hi Trevor ! > I asked Gregor for some elaboration on the requirement that the client can > send URIs of to-be-signed data to the server. > > His response is informative - Yes, I see ! No one wants to loose features available to XMLDSIG. And I understand the shortcommings of moving data redundantly. But acting on his own behalf the DSS server may not have the rights to access a given URL. So we probably need a 'claimed role' structure in the request. And a matching 'CodeErrorType' if the access to the document fails. Much more common to me is a DSS server that has very limited access to the outside world. I would like to have a bit in the signature profile saying 'document required to be within the request'. So the requestor didn't even thinks about just passing a URL. Greetings Andreas ______________________________________________________________________________ Die Besten ihrer Klasse! WEB.DE FreeMail (1,7) und WEB.DE Club (1,9) - bei der Stiftung Warentest - ein Doppelsieg! http://f.web.de/?mc=021184
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]