ebxml-tp message

OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

Subject: Re: comments on cppml,v0.1.dtd 

Seems reasonable to me.  Certainly don't want to do it 
ourself.

Henry

PS: Didn't send to Security as I'm not on that list & it'd 
bounce.
--------------------------
At 12:53 PM 12/12/2000 -0500, Christopher Ferris wrote:
>All,
>
>I would like to hear some opinions on the following comment
>I have regarding the initial draft DTD for our CPP/CPA.
>
>The original tpaML,v1.0.6 offered a Certificate
>element which was composed of (basically) the same
>elements as have been defined thus far for our CPP.
>I only reorganized things such that a set of Certificates
>could be organized/collected within a Party element (formerly 
>Participants/Member). 
>
>The issue/comment that I have is that the certificate
>contains no means which I can determine to actually
>identify the certificate itself. Would we be better
>served to leverage the work of the (now CR) XMLDSig WG
>and use the KeyInfo element they have defined?
>
>http://www.w3.org/TR/2000/CR-xmldsig-core-20001031/#sec-KeyInfo
>
>e.g.
><KeyInfo>
>  <X509Data> <!-- two pointers to certificate-A -->
>    <X509IssuerSerial> 
>      <X509IssuerName>CN=TAMURA Kent, OU=TRL, O=IBM, 
>                  L=Yamato-shi, ST=Kanagawa, C=JP</X509IssuerName>
>      <X509SerialNumber>12345678</X509SerialNumber>
>    </X509IssuerSerial>
>    <X509SKI>31d97bd7</X509SKI> 
>  </X509Data>
>  <X509Data> <!-- single pointer to certificate-B -->
>      <X509SubjectName>Subject of Certificate B</X509SubjectName>
>  </X509Data> 
>  <X509Data><!-- certificate chain -->
>              <!--Signer cert, issuer CN=arbolCA,OU=FVT,O=IBM,C=US, serial
4-->
>    <X509Certificate>MIICXTCCA..</X509Certificate>
>    <!-- Intermediate cert subject CN=arbolCA,OU=FVTO=IBM,C=US 
>                   issuer,CN=tootiseCA,OU=FVT,O=Bridgepoint,C=US -->
>    <X509Certificate>MIICPzCCA...</X509Certificate>
>    <!-- Root cert subject CN=tootiseCA,OU=FVT,O=Bridgepoint,C=US -->
>    <X509Certificate>MIICSTCCA...</X509Certificate>
>  </X509Data>
></KeyInfo>
>
>It would seem to me that this would be a logical choice
>for us as it would (potentially) ease implementation
>use of this particular feature, especially once XMLDSig becomes
>more commonly used.
>
>I see no real benefit at this stage for ebXML to define
>its own XML vocabulary for describing a certificate.
>
>Comments?
>
>Thanks!
>
>Chris
>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Search: Match: Sort by:
Words: | Help

Powered by eList eXpress LLC