[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ebxml-msg] RE: Regrets for tomorrow
I have another meeting today at the same time so I wouldn't be able to join.
However if you are going to talk about Pull Authorization issue, I do have a question about how to authorize via digital signature. So I would like to post my question as below and hopefully your discussions can resolve my puzzle:
Basically in an incoming Pull request there's no any information about who the pulling party is, so what's the best one to identify who the party is in order to uses the right certificate to authenticate and then authorize the request? The only thing I can look is the KeyInfo element in the signature, such as the certificate serial number, etc. Is it the right and reliable one to identify a pulling partner?
Hi Dale, and all,
I hope Jacques and Theo can join today so we could discuss the pull authorization issue.
So I propose not to cancel and see if we can discuss this issue.