[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] Datetime for ds:Signature
agreed, that makes a lot of sense. Not sure where I got the "must not be used" language... I may have added that myself. -will On Aug 11, 2009, at 12:21 AM, RL 'Bob' Morgan wrote: > > On Mon, 10 Aug 2009, John Bradley wrote: > >> XRD spec 2.2.2 >> >> 2.2.2. Element <Expires> >> This xs:dateTime value indicates the time instant after which the >> document is no longer valid and must not be used. > > This may already have been discussed, but the "must not be used" > there makes me nervous, as there is a typical issue with this kind > of thing. > > It may be taken to mean: after this time the party relying on this > document must assume the info in the document is no longer true and > must purge any record of this information from local storage. That > is a tall order, and probably not what the signing party intends. > Usually such an element means: the signer no longer guarantees the > information in the signed document is true after this time, so the > RP uses it at its own risk. > > To avoid getting into what "guarantees" means etc, it's pragmatic > for a spec, rather than saying "must not be used", to say something > like "the document does not validate after this time", as a > processing rule. If that's what we want to say I suggest just > removing the "and must not be used" from this sentence. > > - RL "Bob" > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]