[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] XRD Signing (and SAML)
On Jun 22, 2009, at 3:08 PM, Will Norris wrote: > ## My Proposed Action > > Unless someone points out something I'm overlooking, I'm fairly > confident our current solution covers the use cases previously > addressed with embedded SAML assertions. I believe that this > renders <TargetSubject /> and <TargetAuthority /> unnecessary. I > believe that most use cases involving the XRD chaining model of > trust will only need a single <ds:KeyInfo /> (in fact that's all > they've had to date). For those use cases that need multiple > <KeyInfo /> elements, I believe most will be limited to a period of > time while transitioning off of a soon-to-be-expiring certificate. > So I propose allowing for 0 or more <ds:KeyInfo /> elements > underneath <Link /> (no wrapper element necessary), and doing away > with the XRD Trust namespace and Target* elements. okay, hold off on the suggestion to remove <TargetAuthority />... rethinking that.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]