I note in passing that none of this has anything to do with accreditation
system linkage. I support defining a linkage field for this purpose in the
base specifications. The field's syntax should be that of a URL; defining
its use should be out of scope for now.
I don't understand what this would achieve. The syntax is extensible
right now, so why specify something that doesn't have semantics? I
Presumably, a validating agent who is trying to evaluate an incoming message
wants to use assessment services that they trust. That trust cannot be given
from any agent involved in creating or sending the message, since one (or maybe
more) of them is the identity being evaluated.
So, what is the purpose of having the message signer provide a pointer to
assessment information? (For reference, CSV provides this mechanism, too.)
It appears the primary purpose is efficiency. If there are jillions of
assessment services, which one(s) should the validating agent check with?
The validating agent is not going to automatically trust an assessment service
that the signing agent provides, so the signing agent probably wants to be
able to provide a list of likely services, for the validating agent to
consider.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net