xri message

Subject: Re: [xri] Secure XRD Proposals

From: Peter Davis <peter.davis@neustar.biz>
To: Brian Eaton <beaton@google.com>
Date: Thu, 18 Dec 2008 15:50:37 -0500

On Dec 18, 2008, at 2:47 PM, Brian Eaton wrote:

> On Thu, Dec 18, 2008 at 11:25 AM, Peter Davis  
> <peter.davis@neustar.biz> wrote:
>> I can see use cases for each service element being signed. This is
>> essentially the detached signature model provided in XMLDsig.
>
> What are those use cases?

circumstances where the relying party to the XRD needs to interact  
with 'certified' providers of a given service, and establishing a  
network connection to a bogus service is expensive/inefficient (wrt  
network usage), or might otherwise cause harm to either the relying  
party or the user.

In these cases, it is not sufficient to simply sign the set of  
services, as there may be several certified entities (for either  
identical services or different ones), and the XRD signature is too  
broad in scope for such circumstances.

=peterd

Follow-Ups:
- Re: [xri] Secure XRD Proposals
  - From: Eran Hammer-Lahav <eran@hueniverse.com>

References:
- Secure XRD Proposals
  - From: n-sakimura@nri.co.jp
- Re: [xri] Secure XRD Proposals
  - From: Brian Eaton <beaton@google.com>
- Re: [xri] Secure XRD Proposals
  - From: Dirk Balfanz <balfanz@google.com>
- Re: [xri] Secure XRD Proposals
  - From: Peter Davis <peter.davis@neustar.biz>
- Re: [xri] Secure XRD Proposals
  - From: Brian Eaton <beaton@google.com>