[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Comments on XAdES profile
Juan Carlos, I can't envisage a practical need for the client to select the key. The identity of the requestor must already be authenticated. The only possible situation is that the requestor has several signing keys, but I don't see that as the a general requirement. Nick ... > > >3.1.1.2 lines 172-176 > >Generally, I would expect the server to select the key. MUST be > supported > >by server but only MAY be present in request. > > > Well, in fact the writing is not good. > IF the server is able to gain access to the certificate in the view of > the identitiy of the requester, then the KeySelector is not needed. > BUT IF the server can not do that, then the client MUST add its > certificate to the request. One question that one may have is: > if the server has the private key, is there any reason why it must > not have the certificate?... If the answer is NO, then perhaps > there are not many reasons for this element to appear. > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]