[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: X509 ACs - Too late, too little

To: "Anders Rundgren" <anders.rundgren@xxxxxxxxx>, "PKIX-List" <ietf-pkix@xxxxxxx>
Subject: Re: X509 ACs - Too late, too little
From: Paul Hoffman / IMC <phoffman@xxxxxxx>
Date: Tue, 7 Nov 2000 16:51:19 -0800
In-reply-to: <>
References: <>

At 11:42 AM +0100 11/7/00, Anders Rundgren wrote:

XML-signatures are apparantly coming on strong.

For some value of "apparently". Please note that, even after the last call, people are still reporting technical changes that need to be made to the spec.

W3C now says the draft is in an advanced state.

Yes, they have been saying that for quite some time.

And IBM has kindly provided a reference implementation for public use at:

http://www.alphaworks.ibm.com/tech/xmlsecuritysuite

So why would anybody bother with ASN.1-based ACs?

This is a non-sequetor. XML signatures are signatures, they are not formats for certificates. As you point out, the XML DIGSIG draft (it is still not a standard) uses PKIX certificates.

--Paul Hoffman, Director
--Internet Mail Consortium

References:
- X509 ACs - Too late, too little
  - From: Anders Rundgren

Prev by Date: Re: Extended Key Usage and path validation
Next by Date: Re: X509 ACs - Too late, too little
Previous by thread: Re: X509 ACs - Too late, too little
Next by thread: Re: X509 ACs - Too late, too little
Index(es):
- Date
- Thread