[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] XRD trusted discovery workflow
On Thu, Dec 11, 2008 at 12:41 AM, Nat Sakimura <n-sakimura@nri.co.jp> wrote: > The workflow is like this: > > 1. When you access the Indentity URI, you will get link-header etc. > that points to the XRD associated to it. > 2. When you look into XRD, you can find the URI for the cert. > 3. Retrieving the cert, do the usual cert check. > 4. Find the Subject(UniqueIdentifier) in the cert and compair that > with CanonicalID. > 5. If they match, they are the pair we are looking for. See if the > signature on XRD can be verified. > 6. If OK, the XRD is authoritative. You can trust it, and start using > associated URIs (both in the authority section and services > section) in it. How d you know that the discovered XRD is authoritative for the identity URI you started with?
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]