OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xri] subject sets (also sort of: Agenda for August 6, 2009 call)

Eran Hammer-Lahav wrote on 2009-08-07:
> We need a simple way to verify the association between the Subject of the
> XRD and the certificate used to sign it. The requirement we have is to
> a way to guarantee that the same entity which controls the domain name in
> the Subject, controls the certificate as well, and signed the XRD.
> You can sign an XRD using anything, but our focus has been on the resource
> owner being able to describe the resource (Subject) and sign it in a way
> that a client can confirm that it was really the resource owner who
> described it. Since we are dealing with many limitations, we decided to
> limit this to the authority level (which is defined in 3896).

That's all perfectly appropriate for a profile, but I think it's orthogonal
to the basic XRD specification.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]