On Wed, Dec 3, 2008 at 9:38 AM, Eran Hammer-Lahav <[EMAIL PROTECTED]> wrote: > -----Original Message----- >> From: Breno de Medeiros [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, December 03, 2008 9:33 AM >> >> However, from what I have been hearing, the current proposal does not >> plan for signing of site-meta, and the links pointed to by it will >> have to carry implicit trust (maybe they will be signed documents, or >> maybe they are just informative). > > /site-meta will certainly support signatures, the open question is where to > specify that mechanism. I think this will get resolved in the larger context > of what building blocks we end up using > for the end-to-end discovery protocol. We are arguing about what > functionality belongs in which spec, not if the functionality itself is > needed.
This is not completely apparent from the way the pieces are being discussed in different settings. If site-meta is to support signatures, then how the signature fits in probably should live on the site-meta spec (even if it points to a signature scheme defined elsewhere, or leaves the actual signature mechanism unspecified). > > EHL > -- --Breno +1 (650) 214-1007 desk +1 (408) 212-0135 (Grand Central) MTV-41-3 : 383-A PST (GMT-8) / PDT(GMT-7)