Comment on OpenID Federation Spec: Mystical Metadata Statements?

Mike Schwartz mike at gluu.org
Sat Jun 9 20:23:42 UTC 2018


I have no idea what section 3.4.1 is telling me... and it's the heart of 
this spec. Granted, I'm not a mathematician. But am I the only one who 
finds this conceptually a little unclear? Is its lack of 
comprehensibility just not a problem in this case? And if so, is "Basic" 
the right term for the title?

Also, please remove the "simple" from this section. If you're trying to 
say it's simple for marketing reasons, it's not working.

(Section 3.4.1 copied below for convenience)

- Mike Schwartz
Gluu


3.4.1. Basic Components

To describe Compounded Metadata Statements, we need a way of describing 
the different components in such a statement. These are the basic 
components:

ms_X
    Metadata Statement signing request by X without signing keys and signed 
    metadata statements.
SK[X]
    Signing keys that belong to X
X(MS)
    Metadata Statement signed by X

Using these basic components, we can now describe a simple signed 
Metadata Statement as:

A(ms_B + SK[B])

Creating a compounded metadata statements involves adding previously 
signed metadata statements to the request before signing it. So, if we 
start off with C sending this signing request to B,

(ms_C + SK[C])
(ms_C + SK[C] + A(ms_B + SK[B]))

This is the resulting compounded metadata statement:

B(ms_C + SK[C] + A(ms_B + SK[B]))

Note that the level N requester is the level N+1 signer.
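
The notation in the quoted section, worked through as an added example (not part of the original post or of the specification): it builds B(ms_C + SK[C] + A(ms_B + SK[B])) and verifies it from A's key outward. Assumptions: a toy Lamport one-time signature stands in for the signed JWTs a real deployment would use, and the field names `ms`, `signing_keys` and `metadata_statement` are hypothetical.

```python
import hashlib, json, secrets

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Toy Lamport one-time key pair (assumption: stand-in for a real JWS key).
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    return sk, [[H(s).hex() for s in pair] for pair in sk]

def bits(payload):
    # 256 digest bits of the payload's canonical JSON form.
    d = H(json.dumps(payload, sort_keys=True).encode())
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]

def sign(sk, payload):
    # X(MS): the payload plus X's signature over it.
    sig = [sk[i][b].hex() for i, b in enumerate(bits(payload))]
    return {"payload": payload, "sig": sig}

def check(pk, signed):
    sig, want = signed["sig"], bits(signed["payload"])
    return len(sig) == 256 and all(
        H(bytes.fromhex(s)).hex() == pk[i][b]
        for i, (s, b) in enumerate(zip(sig, want)))

def verify_chain(signed, root_pk):
    # The innermost statement must verify under the trusted root key (A);
    # each outer layer must verify under the SK[...] the layer inside vouches for.
    inner = signed["payload"].get("metadata_statement")
    signer_pk = verify_chain(inner, root_pk) if inner else root_pk
    if not check(signer_pk, signed):
        raise ValueError("signature does not match the expected signer")
    return signed["payload"]["signing_keys"]

def build_example():
    sk_a, pk_a = keygen()
    sk_b, pk_b = keygen()
    _, pk_c = keygen()
    # A(ms_B + SK[B]): A signs B's metadata together with B's public keys.
    a_ms_b = sign(sk_a, {"ms": {"name": "B"}, "signing_keys": pk_b})
    request = {"ms": {"name": "C"}, "signing_keys": pk_c}  # (ms_C + SK[C])
    request["metadata_statement"] = a_ms_b  # (ms_C + SK[C] + A(ms_B + SK[B]))
    return sign(sk_b, request), pk_a, pk_c  # B(ms_C + SK[C] + A(ms_B + SK[B]))

if __name__ == "__main__":
    compound, pk_a, pk_c = build_example()
    print(verify_chain(compound, pk_a) == pk_c)
```

A verifier that trusts only A's key ends up with SK[C], because each layer's signer is the party whose keys the layer inside it carries.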

