OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xri] XRD trusted discovery workflow

Comment inline below:

Brian Eaton wrote:
> On Tue, Dec 9, 2008 at 8:35 PM, Dirk Balfanz <balfanz@google.com> wrote:
>   
>> If so, why have <Delegation>
>> point to a key name? Shouldn't rather point to a canonical_id, so that we
>> can use the basic verification step mentioned above (seems like otherwise
>> the basic verification step doesn't apply to the case where I have both a
>> canonical_id and a keyName going in to the verification step).
>>     
>
> I can't express this with any kind of strong technical confidence, but
> my gut feeling is that the canonical ID describes what you are looking
> for.  The key name describes who you expect to sign what you are
> looking for.  Would you ever attempt discovery on a key name?  I don't
> think so.
>   
Yes. That's what in SimpleSign proposal. It is using a field 
<ProviderID>, which is the CanonicalID of the delegated party, which has 
been talked in a different thread, I think.

=nat

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]