Key Discovery In DTP Draft 3
Grant Monroe
grant at janrain.com
Fri Jan 5 16:30:54 UTC 2007
On 1/4/07, Recordon, David <drecordon at verisign.com> wrote:
> Hey guys,
> Was looking at
> http://openid.net/specs/openid-service-key-discovery-1_0-01.html tonight
> and curious why the decision was made to define the <PublicKey />
> element which contains a link to the RSA key or X.509 certificate versus
> embedding the key in the XRDS file?
I believe the rational was that KeyInfo objects can be quite large.
Especially if you have multiple services using them. We were concerned
about XRDSs getting really large. It doesn't make a whole lot of sense
to download a key for a service entry you aren't even interested in.
--
Grant Monroe
JanRain, Inc.
More information about the specs
mailing list