[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RE Re: Any more comments ...

>> I'm suggesting merely allows multiple  
>>virtual certificates to co-exist in the same record. 
>Seems like a bad idea.  A query for a single item should only retrieve a 
>single result.  When I retrieve a record how do I tell what certificate would 
>I be getting. 

You would be getting a single result, the set of all certificates matching a 

I have been looking into using raw keys expressed as URIs and unsigned 
assertions. There is a suprisingly large amount that can be done in that model.

There is a long writeup on this in:


Ignore the blinking warning stuff at the top. This is merely there because when 
I wrote the draft I wrote it in the context of HTTP/1.1 and not HTTP+PEP. There 
are advantages to using PEP and the design of HTTP makes some kind of mechanim 
necessary. But while I was writing the signature stuff I did not want to base it 
on someone else's research. Once I have the PEP version running we can finally 
release the code.