[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [dss] Use cases and requirements input
> -----Original Message----- > From: Pieter Kasselman [mailto:pkasselman@baltimore.com] > Sent: Friday, January 17, 2003 10:22 AM > To: 'Robert Zuccherato'; 'Gregor Karlinger'; > 'dss@lists.oasis-open.org' > Subject: RE: [dss] Use cases and requirements input > > > Hi Robert, one comment below. > > Cheers > > Pieter > > > > 2.2.4 Allow for configuration profiles > > > > > > - Trust > > > > > > The requester should be able to specify the trust settings > > > (accepted root certificates, accuracy of CRL checking, ...) > > > to be applied by the service when validating a signature. > > > > > > Since this trust-related information can be quite bulky, the > > > requester should alternatively identify this information by > > > a named profile. > > > > I'm not opposed to allowing requesters to specify the trust > settings, > > but not at the expense of producing a protocol that is more > > complicated that necessary. I'm guessing that this feature > would not > > be required in the majority of signature validation server > > environments. The trust settings would be implicitly > defined by the > > service. At least in our first iteration I would like to produce > > something that is simple, usable and works. We can then build upon > > that. > > > [Pieter Kasselman] One way to meet this requirement is > to allow for a configuration profile or policy to be > specified (as remarked in the original post it can be as > simple as a URL that is included). This could be a optional > (non-mandatory) parameter. For a first iteration we do not > need to define exactly how such a policy or configuration > profile is expressed. I agree; this could be a simple solution for a first version of the validation service. /Gregor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC