[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: XrML: Multiple Grants
Greetings, The XrML token profile spec referes to a scenario where a license contains a grant with a KeyHolder principal identifying a key which is used to sign the message. The KeyInfo element in the signature contains a SecurityTokenReference to the license containing the grant in question. However, the spec does not state that only one grant with a keyHolder principal may be present in the license, nor does it seem to provide any mechanism for identifying which grant contains the key data to verify the signature (in the case where there are multiple grants with KeyHolder principals present in the license). Can we assume that only one grant with a keyHolder principal is allowed in a license? Should we assume that there some mechanism for identifing a particular grant within a license? Or, if there are multiple grants, can we assume that there is only one keyHolder principal across those grants? Thanks Vijay
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]