[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Profile Identifiers
[I sent this a few days ago, didn't go through... trying again.] Should every profile have a URI identifier? Probably not - profiles too abstract to be implemented don't need one (Policy-wise, German Signature Law). However, a concrete profile may be further profiled: - Profile X: Timestamping profile for <dss:Timestamp> objects. - Profile Y: Timestamping profile for <dss:TimeStamp/XMLTimeStampToken> objects. Or, - Profile X: profile for XAdES - Profile Y: some more specific profile built on XAdES Y profiles X, but both profiles are concrete, in the sense that they could be implemented. My vote: X and Y both have URI identifiers. Y's profile document lists both identifiers. A server implementing Y should be aware that it implements both, and allow requests that reference either URI. -------------- Related Question: Should every DSS request contain the URI identifier of a profile? Right now, <ServiceProfile> is an optional input, which means profiles don't need to support it. It might be good to make it a mandatory part of all profiles. It could be an attribute of <SignRequest> and <VerifyRequest>, instead of an optional input. Clients could still choose to send it or not. This way, clients could always check that they were talking to an appropriate DSS server, if they wanted. Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]