[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] KeySelector/KeyInfo
> But I thought that was Rich' point which Frederick applauded: > that KeySelector could also be used as a way of conveying information > about the individual key. Did I misunderstand something? I don't think so. My point was that if you define KeySelector as a container, and allow it to have a dsig:KeyInfo as one of the child types -- perhaps the only child type -- currently defined. Doing it this way allows future revisions (or private versions) to put in other material as a KeySelector. We won't have to change the schema; it's future-proofing. One could imagine, for example, using the XML common biometric stuff to prove tell the DSS server which key to use. In XML Schema: <xs:element name="KeySelector"> <xs:complexType> <xs:choice> <xs:element ref="dsig:KeyInfo"/> <xs:any namespace="##other" processContents="lax"/> </xs:choice> </xs:complexType> </xs:element> -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]