OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xri] Datetime for ds:Signature

On Mon, 10 Aug 2009, John Bradley wrote:

> XRD spec 2.2.2 
>     2.2.2. Element <Expires>
> This xs:dateTime value indicates the time instant after which the 
> document is no longer valid and must not be used.

This may already have been discussed, but the "must not be used" there 
makes me nervous, as there is a typical issue with this kind of thing.

It may be taken to mean:  after this time the party relying on this 
document must assume the info in the document is no longer true and must 
purge any record of this information from local storage.  That is a tall 
order, and probably not what the signing party intends.  Usually such an 
element means:  the signer no longer guarantees the information in the 
signed document is true after this time, so the RP uses it at its own 

To avoid getting into what "guarantees" means etc, it's pragmatic for a 
spec, rather than saying "must not be used", to say something like "the 
document does not validate after this time", as a processing rule.  If 
that's what we want to say I suggest just removing the "and must not be 
used" from this sentence.

  - RL "Bob"

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]