On Sat, 28 May 2005 at 14:01:56 -0700 Paul Hoffman opined: > At 3:07 PM -0600 5/27/05, The Purple Streak, Hilarie Orman wrote: > >The Key Info is part of the XMLDigSig, but it is not required. Because > >it tells you where and how to obtain the pertinent certificate, it > >could be a boon for this particular application. There is no need > >to keep the signer secret, so I'd think it should be required.
> This is the kind of thing we can do in the implementer's guidelines. It's more like an actual law than a guideline :-) You couldn't possibly write a compliant implementation for checking signatures without knowing how to get the certificate that goes with a signed entry, so it seems to be a fundamental part of the design, not an implementation guideline. > >It doesn't solve the chain-of-trust problem, though. > Nothing does :-) . Or is that :-( ? Yes to both. Sweet and sour. But what is the intent of the signature? It should be to validate that some entity, having some relationship to the signed entry, declared that at some time, it was authentic. How can a checker decide that the entity has an appropriate relationship? If the signer doesn't know this, then the signature might hamper interoperability. Hilarie
