[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] subject sets (also sort of: Agenda for August 6, 2009 call)
Tying the authority segment of the subject to the CN of the signing cert is a trust model that works for LRDD. It won't work for XRI or other things that may use XRD. We do need a complete solution for LRDD but it shouldn't preclude other trust models for XRD. John B. On 8-Aug-09, at 1:32 PM, Scott Cantor wrote: > Eran Hammer-Lahav wrote on 2009-08-08: >> That's what we set to do. If the trust section does not provide >> this as a >> complete solution, it is pointless. > > I'm not trying to prevent your complete solution, I'm just talking > about how > it should be structured as a matter of spec design. > > There can't be *one* trust model for XRD. That's never going to fly. > There > are obvious points of flexibility, and anywhere you start connecting > XRD to > something like X.509, that's got to be pretty adapatable. If you > need to > profile it down for particular use cases (e.g. requiring self- > assertion), > then that can be included, and even required for conformance purposes. > > -- Scott > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]