[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] Secure XRD Proposals
Now I can see the reasoning more clearly. If we allow both detached and inline signature, we need a wrapper. SXRD is just that. Now that I see the rationale, I would go farther to smothing like <SDSIG> We do not need raw XRD there. The above is pretty generic and can be used almost for anything... Note the SDSIG/DATA/@type . This is the meta information on what the Data. In our particular case, it is going to be XRD. =nat Peter Davis wrote: 4CCA6F99-B14C-4D79-8CAE-60BEC085DEDA@neustar.biz" type="cite">Out of curiosity, what was the motivation for the introduction of the SXRD element for the signature in proposal 1? =peterd On Dec 17, 2008, at 8:54 PM, n-sakimura@nri.co.jp wrote:Hi I have created a page: http://wiki.oasis-open.org/xri/XrdOne/SecureXrd It is the result of some private message exchange among me, Brian and John. If we were to forget about the backward comaptibility to XRDS2.0, I personally like 1.2 SAML POST Simple Sign Binding style. Otherwise, I like 1.3 Backword Comaptible XRD. Related, but separet topic beside the format is whether to include SigAlg in a signed material. XML Sig calls for SigAlg to be included in the signed material citing weak algorithm attack. Then, there is an argument that while theoretically interesting, the real risk is very small. Please discuss on this as well. Actually, if we take 1.2 SAML Simple Sign Style, we can get SigAlg outside of XRD and still sign it, so it is quite nice.Peter Davis: NeuStar, Inc. Director & Distinguished Member of the Technical Staff 45980 Center Oak Plaza Sterling, VA 20166 [T] +1 571 434 5516 [E] peter.davis@neustar.biz [W] http://www.neustar.biz/ [X] xri://@neustar*pdavis [X] xri://=peterd The information contained in this e-mail message is intended only for the use of the recipient(s) named above and may contain confidential and/or privileged information. If you are not the intended recipient you have received this e-mail message in error and any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately and delete the original message. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]