[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RE Re: Any more comments ...
>> I'm suggesting merely allows multiple
>>virtual certificates to co-exist in the same record.
>Seems like a bad idea. A query for a single item should only retrieve a
>single result. When I retrieve a record how do I tell what certificate would
>I be getting.
You would be getting a single result, the set of all certificates matching a
query.
I have been looking into using raw keys expressed as URIs and unsigned
assertions. There is a suprisingly large amount that can be done in that model.
There is a long writeup on this in:
http://www.w3.org/pub/WWW/TR/WD-sigs.html
Ignore the blinking warning stuff at the top. This is merely there because when
I wrote the draft I wrote it in the context of HTTP/1.1 and not HTTP+PEP. There
are advantages to using PEP and the design of HTTP makes some kind of mechanim
necessary. But while I was writing the signature stuff I did not want to base it
on someone else's research. Once I have the PEP version running we can finally
release the code.
Phill
References: