[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Issue 25: ic09:X509Principal and ic09:X509SubjectAndIssuerintroduced in locations that violate IMI 1.0 schema
I’ve filed Issue 25:
ic09:X509Principal and ic09:X509SubjectAndIssuer introduced in locations that
violate IMI 1.0 schema Problem: Lines 284, 288, and 319 of
identity-1.1-spec-ed-01.doc (http://www.oasis-open.org/committees/download.php/32418/identity-1.1-spec-ed-01.doc)
specify that the new ic09:X509Principal element be placed within an
ic:X509V3Credential element. However the schema for ic:X509V3Credential
specifies that it is a sequence of ds:X509Data elements, with no extension
point defined. Thus, our current 1.1 spec violates the 1.0 schema. Likewise, lines 299, 303, 307, 318, and 319 of
identity-1.1-spec-ed-01.doc specify that the new ic09:X509SubjectAndIssuer
element be placed within an ic:X509V3Credential element. This also
violates the 1.0 schema in the same manner. Proposed Resolution: Place the
ic09:X509Principal and ic09:X509SubjectAndIssuer elements within a ds:X509Data
element (which does allow extensions), with the ds:X509Data element being
within an ic:X509V3Credential element. Let’s discuss this during the call on Thursday. --
Mike |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]