Since XML signature provides for an expires, it should be sufficient
for the XRD use case.
I am not sure what JonhB refers to by "expires time for the XRD". If
you mean caching directives, that is not sufficient. The expiration
time should be part of the signed statement. Fortunately, it already
is, as per the XML DSig spec.
On Mon, Aug 10, 2009 at 6:59 PM, John Bradley<
jbradley@mac.com> wrote:
If I have a expires tome for the XRD isn't that enough?
Why do I care when it was signed?
I am trying to avoid changing anything around the signature processing
without a very good reason.
John B.
On 10-Aug-09, at 6:54 PM, Nat Sakimura wrote:
There is Expires, but no creation date, if I am reading the draft correctly.
=nat
John Bradley wrote:
Don't we have timestamps and other caching info at the XRD level?
I have have a hard time seeing the value of duplicating that in the
signature itself.
John B.
On 10-Aug-09, at 7:21 AM, Scott Cantor wrote:
Nat Sakimura wrote on 2009-08-10:
Do we need a datetime for the signature?
Signature timestamps are a pretty "deep" topic, it's definitely not as
simple as it seems.
In any case, there's a relevant draft making its way through the W3C.
http://www.w3.org/TR/2009/WD-xmldsig-properties-20090430/
-- Scott
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
--
--Breno
+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)