per-entity - Re: [Per-Entity] adding a layer to the security model
Subject: Per-Entity Metadata Working Group
List archive
- From: "Cantor, Scott" <>
- To: Tom Scavo <>
- Cc: Per-Entity Metadata Working Group <>
- Subject: Re: [Per-Entity] adding a layer to the security model
- Date: Wed, 21 Sep 2016 16:15:28 +0000
- Accept-language: en-US
- Authentication-results: spf=pass (sender IP is 164.107.81.222) smtp.mailfrom=osu.edu; incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=bestguesspass action=none header.from=osu.edu;
- Ironport-phdr: 9a23:oQ0A4xHH1bfE97PHo67WDJ1GYnF86YWxBRYc798ds5kLTJ76rsqwAkXT6L1XgUPTWs2DsrQf1LqQ7vurADFIyK3CmU5BWaQEbwUCh8QSkl5oK+++Imq/EsTXaTcnFt9JTl5v8iLzG0FUHMHjew+a+SXqvnY6Uy/yPgttJ+nzBpWaz4Huj7jzqNXvZFB0gz/1Wrh7MhL++RnLrcIfn4xKK6AtxwHPr2cSPela2DU7C0iUmkO2zc624Jl5t2xrsPU964QIBa7zebg/V/oCJDM9LiY46NC95kqLdheG+nZJCjZeqRFPGQWQqUiiBpo=
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
On 9/21/16, 12:09 PM,
"
on behalf of Tom Scavo"
<
on behalf of
>
wrote:
> Can you describe how content-negotiation might play into this?
I just mean the files would be pre-signed in various formats and pushed out,
and then the server would look at the Accept header to decide which format to
return. Maybe with MIME type options or just by defining custom MIME types or
whatever.
I suppose if the formats composite safely maybe it doesn't matter that much,
but there's certainly a non-trivial parsing overhead to XML Signature since
all that XML is rather bloated.
This is OT: I suppose we haven't discussed this, but it isn't essential that
the KeyInfo be included here. It's good practice I guess, but when you're
signing ton of little files, it seems more gratuitious to me to include a
reference to the key everybody already needs to have installed. It's
meaningless in a huge file, but in these? I'm thinking not so much.
-- Scott
- [Per-Entity] adding a layer to the security model, Tom Scavo, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Cantor, Scott, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Tom Scavo, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Cantor, Scott, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Tom Scavo, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Cantor, Scott, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Nick Roy, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Cantor, Scott, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Tom Scavo, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Cantor, Scott, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Tom Scavo, 09/21/2016
- Re: [Per-Entity] adding a layer to the security model, Cantor, Scott, 09/21/2016
Archive powered by MHonArc 2.6.19.