I just thought that from the point of view of XRD consumer, they might
want to know how long ago it was signed or created.
Would they not? It may be application specific.
One generic example would be XRD signed and third party timestamped
before the signers key got compromised can still be thought of as
valid. Expiry date does not meet this.
=nat
John Bradley wrote:
DD33E14D-52DF-4F63-81E1-42FDEE5A57EC@mac.com"
type="cite">If I have a expires tome for the XRD isn't that enough?
Why do I care when it was signed?
I am trying to avoid changing anything around the signature
processing without a very good reason.
John B.
On 10-Aug-09, at 6:54 PM, Nat Sakimura wrote:
There is Expires, but no
creation date, if I am reading the draft correctly.
=nat
John Bradley wrote:
A217483B-C1F7-4B72-AB68-9E637793C152@mac.com"
type="cite">
Don't we have timestamps and other caching info at the XRD level?
I have have a hard time seeing the value of duplicating that in the
signature itself.
John B.
On 10-Aug-09, at 7:21 AM, Scott Cantor wrote:
Nat Sakimura wrote on 2009-08-10:
Do we need a datetime for the signature?
Signature timestamps are a pretty "deep" topic, it's definitely not as
simple as it seems.
In any case, there's a relevant draft making its way through the W3C.
http://www.w3.org/TR/2009/WD-xmldsig-properties-20090430/
-- Scott
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
|