[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [courtfiling-doc] KeyInfo in XML DSig
Nick's suggestions make sense to me. I agree with them. Rolly Chambers -----Original Message----- From: Nick Pope [mailto:pope@secstan.com] Sent: Tue Feb 21 15:07:48 2006 To: courtfiling-doc@lists.oasis-open.org Subject: [courtfiling-doc] KeyInfo in XML DSig In response to the question raised regarding referencing certificates in the XML DSig KeyInfo element. This element does allow for X509 certificates to be referced or included in many ways, including by: a) giving a URI in RetrievalMethod b) including the certificate serial number in X509Data c) including the whole certificate in X509Data My preference would be (c) or if the full certificate was not included to save space then the certificate serial number (b). a) Is also possible as was suggested, this however, I feel gives more opportunity for certificate substitution. Hope this helps. Nick Pope Mob: +44 (0) 777 567 2590 --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]