OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: core streamlining: AdditionalKeyInfo vs. KeySelector


Hi all,


I would like you to nag with another detail I came across while trying
to streamline the core. In  the 'original' core we use the ds:KeyInfo
structure as a base for two elements : AdditionalKeyInfo and
KeySelector. Right from the names you can guess that ds:KeyInfo is a
good base for AdditionalKeyInfo but there is slight mismatch when using
the ds:KeyInfo as the KeySelector.

The latter fact gives some room for optimizations, e.g. dropping the
reference for CRL. See the latest draft below, including the remarks
from Pim.

But in the case of AdditionalKeyInfo it is not quite obvious to me if we
can use the streamlined structure or have to stick with ds:KeyInfo ...
what would nullify my effort to minimize the complexity of the core
structures to some extent. An inviting approach would be to enhance the
steamlined KeySelectorType to serve as a replacement for ds:KeyInfo,
e.g. by adding the CRL, RetrievalMethod and MgmtData?


Any opinions appreciated!

Greetings,

Andreas


        <xs:complexType name="KeySelectorType">
            <xs:choice>
                <xs:element name="X509Digest" >
                    <xs:complexType>
                        <xs:simpleContent>
                            <xs:extension base="xs:base64Binary">
                                <xs:attribute name="Algorithm"
type="xs:anyURI" use="required"/>
                            </xs:extension>
                        </xs:simpleContent>
                    </xs:complexType>
                </xs:element>
                <xs:element name="X509SubjectName" type="xs:string"/>
                <xs:element name="X509SKI" type="xs:base64Binary"/>
                <xs:element name="X509Certificate" type="xs:base64Binary"/>
                <xs:element name="KeyName" type="xs:string"/>
            </xs:choice>
        </xs:complexType>
       

-- 
Andreas Kühne 
phone: +49 177 293 24 97 
mailto: kuehne@trustable.de

Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612

Director Andreas Kühne

Company UK Company No: 5218868 Registered in England and Wales 




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]