[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xri] Question: Is there a standard way to compose an identifier for the public key of an object?
Ahhh - we misunderstood each other. Each metadata cross reference has 3 parts, and your example has only two. (even $d and $v have 3 parts, but the second part has a default if it's left off). The metadata for public key would look something like ($t*pk*<BASE64-encoded-public-key>). The 3 part is the actual public key, which is whiy it could be long. I'm a directory person, so I don't think =sakimura/($t*pk) should return anything; it's not a command, it's just an identifier. Or, maybe XRI resolution could return a service point for the directory service that holds this entry. I think you would use LDAP, or some other protocol/query language to lookup the public key, e.g., ldapsearch -h <directory-server> -p <port> -b <search-base> -s <scope> "xri=\=sakimura" or ldap://<directory-server>:<port>/<search-base>??<scope>?"xri=\=sakimura" (with appropriately escaped quotes, equals, and backSlashes) Note the these examples are out of my head, so they're not completely accurate. The LDAP URL is defined in RFC 2255. Marty.Schleiff@boeing.com; CISSP Associate Technical Fellow - Cyber Identity Specialist Computing Security Infrastructure (206) 679-5933 -----Original Message----- From: Sakimura, Nat [mailto:n-sakimura@nri.co.jp] Sent: Tuesday, January 31, 2006 5:26 PM To: Schleiff, Marty; xri@lists.oasis-open.org Subject: RE: [xri] Question: Is there a standard way to compose an identifier for the public key of an object? Hi Marty, Thanks for the response. > Also, we could define a new $t type specifically for public keys. > However, this could generate pretty long XRIs. I am not sure if it should be in the metadata spec or community spec (in which case, GRS spec should have something like that), but defining new $t type is definitely one way of doing it. However, I did not get why this could generate long XRIs. Requesting =sakimura/($t*pk) should return a pointer to the public key of =sakimura, and XRI itself does not look very long. Nat > -----Original Message----- > From: Schleiff, Marty [mailto:marty.schleiff@boeing.com] > Sent: Wednesday, February 01, 2006 1:14 AM > To: Sakimura, Nat; xri@lists.oasis-open.org > Subject: RE: [xri] Question: Is there a standard way to compose an > identifier for the public key of an object? > > Hi Nat, > > In the Metadata Types spec we're defining something similar to what > you describe. It's a metadata tag for HIT (a Host Identity tag in the > Host Identity Payload protocol - see > http://www.irtf.org/charter?gtype=rg&group=hip). > > For example: ($t*hit*<hit-value>) > > <hit-value> is a hash of a public key. > > Also, we could define a new $t type specifically for public keys. > However, this could generate pretty long XRIs. > > > Marty.Schleiff@boeing.com; CISSP > Associate Technical Fellow - Cyber Identity Specialist Computing > Security Infrastructure > (206) 679-5933 > > -----Original Message----- > From: Sakimura, Nat [mailto:n-sakimura@nri.co.jp] > Sent: Tuesday, January 31, 2006 2:26 AM > To: xri@lists.oasis-open.org > Subject: [xri] Question: Is there a standard way to compose an > identifier for the public key of an object? > > Hi all, > > I have a question. > > Is there a standard way to compose an identifier for the public key of > an object? > > For example, it would be very nice if I can be assured that I will get > a public key for =bob by just doing > =bob*(+public_key) or something. Then, without any prior knowledge > about =bob, I can fetch his public key for bunch of processing. > > Cheers, > > Nat > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. You may a link to this group and all your TCs in > OASIS > at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgr > oups.php > > --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]