[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: ProcessingDetails
Hi Juan Carlos, Here's our old discussion on this: http://lists.oasis-open.org/archives/dss/200312/msg00007.html The gist is you wanted more detail to say exactly what failed and why, whereas the current structure just lets you say: <ProcessingDetails> <ValidDetail>IssuerTrust</ValidDetail> <ValidDetail>ValidityInterval</ValidDetail> <IndeterminateDetail>RevocationStatus</IndeterminateDetail> <InvalidDetail>Signature</InvalidDetail> </ProcessingDetails> However, what I liked about the current structure, was that it provides useful high-level info, such as: <IndeterminateDetail>RevocationStatus</IndeterminateDetail> without telling you precisely that a CRL or OCSP retrieval failed, which might be harder to convey than it's worth. But maybe we could take the current structure and add the ability to attach more specific information to any of the details, such as a URI <Code> that profiles can define, or a text <Message>, and an xs:any so profiles can add whatever else they want: <ProcessingDetails> <ValidDetail Type="IssuerTrust"/> <ValidDetail Type="ValidityInterval"/> <IndeterminateDetail Type="RevocationStatus"> <Code>urn:someprofile:indeterminate-detail:CRLNotReached</Code> </IndeterminateDetail> <InvalidDetail Type="Signature"> <Code>urn:oasis:names:tc:dss:1.0:invalid-detail:ReferenceFailure</Code> <Message>The ds:Reference's hash doesn't match the document</Message> </InvalidDetail> </ProcessingDetails> Your thoughts? Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]