[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] XRD trusted discovery workflow
Comment inline below: Brian Eaton wrote: > On Tue, Dec 9, 2008 at 8:35 PM, Dirk Balfanz <balfanz@google.com> wrote: > >> If so, why have <Delegation> >> point to a key name? Shouldn't rather point to a canonical_id, so that we >> can use the basic verification step mentioned above (seems like otherwise >> the basic verification step doesn't apply to the case where I have both a >> canonical_id and a keyName going in to the verification step). >> > > I can't express this with any kind of strong technical confidence, but > my gut feeling is that the canonical ID describes what you are looking > for. The key name describes who you expect to sign what you are > looking for. Would you ever attempt discovery on a key name? I don't > think so. > Yes. That's what in SimpleSign proposal. It is using a field <ProviderID>, which is the CanonicalID of the delegated party, which has been talked in a different thread, I think. =nat
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]