Key Discovery In DTP Draft 3

Grant Monroe grant at janrain.com
Fri Jan 5 18:08:44 UTC 2007


That sounds fine. I have never heard of the RetrievalMethod element,
so I can't really speak to whether that is the way to go or not. Is it
part of XRDS?

On 1/5/07, Recordon, David <drecordon at verisign.com> wrote:
> True, though why not still use this XML structure and the
> "RetrievalMethod" element within the XRDS so that can then point to a
> remote "KeyInfo" element in another XML document?
>
> --David
>
> -----Original Message-----
> From: grant.monroe at gmail.com [mailto:grant.monroe at gmail.com] On Behalf
> Of Grant Monroe
> Sent: Friday, January 05, 2007 8:31 AM
> To: Recordon, David
> Cc: Carl Howells; specs at openid.net
> Subject: Re: Key Discovery In DTP Draft 3
>
> On 1/4/07, Recordon, David <drecordon at verisign.com> wrote:
> > Hey guys,
> > Was looking at
> > http://openid.net/specs/openid-service-key-discovery-1_0-01.html
> > tonight and curious why the decision was made to define the <PublicKey
>
> > /> element which contains a link to the RSA key or X.509 certificate
> > versus embedding the key in the XRDS file?
>
> I believe the rational was that KeyInfo objects can be quite large.
> Especially if you have multiple services using them. We were concerned
> about XRDSs getting really large. It doesn't make a whole lot of sense
> to download a key for a service entry you aren't even interested in.
>
> --
>  Grant Monroe
>  JanRain, Inc.
>
>


-- 
 Grant Monroe
 JanRain, Inc.



More information about the specs mailing list