[CAP] Decrease milling when increase trust RE: Vol7 #2
Mick Jagger
lists at jpw.biz
Fri Jan 6 11:37:35 PST 2006
> is the appropriate way to digitally sign these messages. External to
> the standard, we need to have a public key infrastructure that supports
> verification of the public keys.
I'd certainly like to see some discussion on developing this public-key system. The XML signing/security method is pretty much left up to the implementer at this point. But in advance of any future standard, there could be some informal best practices and system design done. Is anyone using a PKI system for CAP right now? I've been experimenting with an x509 system for a single point source with a specific transport type (one server to many clients over HTTP). But interoperability and multiple transport methods is a problem.
--
lists at jpw.biz
--
More information about the CAP-list
mailing list