On Thu, 2006-02-09 at 10:24, Priscilla Caplan wrote:
> Zhiwu Xie wrote:
> > 1. A question about "keyInformation".
> >
> > XML signature defines a keyInfoType, which is an open architecture that
> > allows the user to choose from some existing key schemas or define their
> > own (there is an "any" element to choose from). This seems very suitable
> > for our use. However the PREMIS data dictionary proposed another
> > keyInformation element structure. With this structure it is difficult to
> > record some well-established key structures such as x.509 or PGP. Is
> > there any way that we can make use of the XML signature keyInfoType in
> > PREMIS?
>
> The keyInformation structure in PREMIS was supposed to be a more
> generalized version of the XML signatures schema. Remember, we first
> developed the Data Dictionary, and the Schema followed. In an early
> proposal by Andrea Goethals, all the elements in all the various key
> structures were included. When the group reviewed that, we didn't want
> to have so many elements, so we ended up defining 3: the type of key,
> the value of the key, and everything else. It is in the
> keyVerificationInformation where most of the x.509 or PGP key structure
> would go. The expectation was that users would map over elements from
> those structures as required.
>
> Though this made some sense from a Data Dictionary point of view, it's
> less generalized from a schema point of view, where the keyInfoType in
> XML signatures really gives you maximum flexibility. Do you think it
> would have been better if we'd just defined an unstructured keyInfo on
> which users could overlay in effect the established key structures?
>
Thanks a lot for the answer Priscilla. An unstructured keyInfo sounds
good to me, but let me ask my colleagues here first. They know more
about XML signature than me.
Thanks,
Zhiwu Xie
Graduate Research Assistant
Research Library
Los Alamos National Lab
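
The mapping discussed in this thread, as an added example that is not part of the original messages or of the PREMIS schema: it takes an XML Signature `ds:KeyInfo` element and sorts its content into the three slots described above (type of key, value of the key, everything else). The slot names `keyType` and `keyValue` and the flattened path keys are assumptions made for illustration; only `keyVerificationInformation` is named in the thread, and the sample XML is constructed.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"  # XML Signature namespace

# Constructed sample ds:KeyInfo; values are placeholders, not real key material.
SAMPLE_KEYINFO = f"""
<ds:KeyInfo xmlns:ds="{DS}">
  <ds:KeyName>archive-signing-key</ds:KeyName>
  <ds:KeyValue>
    <ds:RSAKeyValue>
      <ds:Modulus>PLACEHOLDER-MODULUS</ds:Modulus>
      <ds:Exponent>AQAB</ds:Exponent>
    </ds:RSAKeyValue>
  </ds:KeyValue>
  <ds:X509Data>
    <ds:X509SubjectName>CN=Example Repository,O=Example</ds:X509SubjectName>
    <ds:X509Certificate>PLACEHOLDER-BASE64-CERT</ds:X509Certificate>
  </ds:X509Data>
</ds:KeyInfo>
"""

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def flatten(elem, path=""):
    """Yield (path, text) for every leaf element under elem."""
    here = f"{path}/{local(elem.tag)}" if path else local(elem.tag)
    if len(elem) == 0:
        yield here, (elem.text or "").strip()
    for child in elem:
        yield from flatten(child, here)

def map_keyinfo(xml_text):
    """Sort ds:KeyInfo content into: key type, key value, everything else."""
    # Parse only trusted input here; use a hardened parser for untrusted XML.
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{DS}}}KeyInfo":
        raise ValueError("expected a ds:KeyInfo element")
    # Slot names keyType/keyValue are assumed, not taken from the schema.
    record = {"keyType": None, "keyValue": {}, "keyVerificationInformation": {}}
    for child in root:
        if local(child.tag) == "KeyValue" and len(child):
            concrete = child[0]  # e.g. RSAKeyValue or DSAKeyValue
            record["keyType"] = local(concrete.tag).removesuffix("KeyValue")
            record["keyValue"] = {local(p.tag): (p.text or "").strip() for p in concrete}
        else:  # KeyName, X509Data, PGPData, ... all land in the third slot
            record["keyVerificationInformation"].update(flatten(child))
    return record
```

A `ds:KeyInfo` that carries only `X509Data` leaves the type and value slots empty, which is the difficulty with recording X.509 or PGP structures raised in the first question.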