[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] SimpleSign for estabilishing the authenticity of XRD.
On Thu, Dec 11, 2008 at 1:09 AM, Nat Sakimura <n-sakimura@nri.co.jp> wrote: > Unfortunately, as fare as I understand, this is exactly the case for XRI > resolution. > XRI resolution traverses through Authorities, and each authority returns an > XRD, pointing to the next authority. > This means, each XRD will be signed by different authorities. It is the use > case of the XRI SAML Trusted Resolution. > Then -- I have not touched the spec for long time, so I maybe wrong. > > Perhaps Peter or John could clarify. I've read Peter's clarification, but I'm still confused about why this would be a problem for XRD simple sign. let's say you've got 3 authorities involved in the XRD resolution. Authority A returns A.xml, signed with A's key. Authority B returns B.xml, signed with B's key. Authority C returns C.xml, signed with C's key. The client verifies the signatures on each of the documents, and that the pointers from one document to the next are legitimate. I'm clearly missing something about the XRI resolution process. Where does this process break down?
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]