[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xri] trust profiles for XRD
For b), please refer to the post that I did a couple of minutes ago. Simply put, it does not... well, it just means that we cannot use the raw DNS based uri as CanonicalID. Could you kindly elaborate a)? =nat ________________________________________ 差出人: Brian Eaton [beaton@google.com] 送信日時: 2008年12月19日 1:26 宛先: Sakimura Nat CC: Ben Laurie; George Fletcher; XRI TC 件名: Re: [xri] trust profiles for XRD Doing this would break a) key rotation. b) legitimate reassignment of domains. On Thu, Dec 18, 2008 at 8:18 AM, Sakimura Nat <n-sakimura@nri.co.jp> wrote: > One of the easiest way is to rely on a registry that makes sure that the identifier is not going to be recycled. > Properly run CA's higher assurance cert's Subject is one such example. > XRI registry's persistent XRI (i-numbers) is another example. > > Rest is as described in the previous mail. > > =nat > > ________________________________________ > 差出人: Ben Laurie [benl@google.com] > 送信日時: 2008年12月18日 16:53 > 宛先: Sakimura Nat > CC: George Fletcher; Brian Eaton; XRI TC > 件名: Re: [xri] trust profiles for XRD > > On Thu, Dec 18, 2008 at 7:11 AM, Nat Sakimura <n-sakimura@nri.co.jp> wrote: >> >> >> Ben Laurie wrote: >>> >>> On Wed, Dec 17, 2008 at 11:20 AM, Nat Sakimura <n-sakimura@nri.co.jp> >>> wrote: >>> >>>> >>>> Thanks Brian for the write up. >>>> >>>> I have added comments to the wiki. >>>> >>>> Basically, it is kind of unfortunate, in addition to what George has >>>> pointed >>>> out, if we consider the case of domain owner change into the scope, it >>>> breaks. >>>> >>> >>> Surely any signing scheme breaks if the owner of the signing authority >>> can change? >>> >> >> In a long run, a signing authority of the XRD and the owner of the domain >> does not have to match. >> Sining authority for my XRD that has my CanonicalID is me even if I lose the >> authority over the domain. > > So how does this work? >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]