xri message

Subject: Re: [xri] SimpleSign for estabilishing the authenticity of XRD.

From: Nat Sakimura <n-sakimura@nri.co.jp>
To: Brian Eaton <beaton@google.com>
Date: Thu, 11 Dec 2008 18:09:43 +0900

Hi Brian,

Brian Eaton wrote:
> Nat wrote>
>   
>>> If we are to take this file based approach, we have to define how the
>>> signature will work for XRDS.
>>>       
>
> That seems easy.  We can reuse the exact same algorithm and XML
> schema, right?  So long as we are using a single key to sign a single
> document, there's no problem.  We get into messiness if we need to
> include signatures from several different keys in the same document.
> Do you need to do that, and if so why?
>   
Unfortunately, as fare as I understand, this is exactly the case for XRI 
resolution.
XRI resolution traverses through Authorities, and each authority returns 
an XRD, pointing to the next authority.
This means, each XRD will be signed by different authorities. It is the 
use case of the XRI SAML Trusted Resolution.
Then -- I have not touched the spec for long time, so I maybe wrong.

Perhaps Peter or John could clarify.

Cheers,

=nat

Follow-Ups:
- Re: [xri] SimpleSign for estabilishing the authenticity of XRD.
  - From: Brian Eaton <beaton@google.com>
- Re: [xri] SimpleSign for estabilishing the authenticity of XRD.
  - From: Peter Davis <peter.davis@neustar.biz>

References:
- SimpleSign for estabilishing the authenticity of XRD.
  - From: Nat Sakimura <n-sakimura@nri.co.jp>
- Re: [xri] SimpleSign for estabilishing the authenticity of XRD.
  - From: Nat Sakimura <n-sakimura@nri.co.jp>
- Re: [xri] SimpleSign for estabilishing the authenticity of XRD.
  - From: "Markus Sabadello" <markus.sabadello@xdi.org>
- Re: [xri] SimpleSign for estabilishing the authenticity of XRD.
  - From: Brian Eaton <beaton@google.com>