[Date Prev][Date Next][Thread Prev][Thread Next][Author Index][Date Index][Thread Index]
Mediaserver and signatures
- To: zzdev@xxxxxxxxxx
- Subject: Mediaserver and signatures
- From: Tuomas Lukka <lukka@xxxxxxxxxx>
- Date: Fri, 29 Jun 2001 15:44:42 +0300
- Mail-followup-to: zzdev@xxxxxxxxxx
According to the current design, signatures would be parts of the ID.
I just came up with a very good reason not to do this: revoking.
Basically, we will have to be able to revoke any given key, and
keys do have to have expiration dates. Therefore, the signing architecture
should be separate from the IDs themselves.
For ensuring that there are no ID collisions, a hash should be a part
of the ID, hashing both the ID and the content, though.