>>>>> "Alberto" == Alberto Ruiz <[log in to unmask]> writes:

    >> An encoded set of selection rules is either a string or a list of strings depending on encoding.
    >> For example if we use json, it depends on where we treat the list.
    Alberto> I guess list of strings works for me. Does each selection rule need an
    Alberto> id or alias?

I don't currently see a need for that.
I don't think we currently plan to manipulate that through the gui, and
presumably whenever we update the set of 
rules associated with an ID card we'll replace them all.

    >> However I'm adding the following text to the trust anchor wiki page:
    >> 
    >> ## What needs to represent a trust anchor on an ID card
    >> 
    >> * An optional base64-encoded CA certificate (a relatively long base64 string)
    >> * An optional subject name constraint (string)
    >> * An optional subject alternative name constraint (string)
    >> * An optional hash of a server certificate
    >> 
    >> The server certificate hash field is mutually exclusive with the other fields.

    Alberto> Do we need another field to select which method is going to be used or
    Alberto> do we have a priority list for the methods and try to find the
    Alberto> existing preferred one? Can it be the case that all of them are empty
    Alberto> at the same time? As you mention that the CA certificate is mutually
    Alberto> exclusive, does this mean that there are actually two methods and the
    Alberto> latter three strings are all part of the same method?

It's reasonable to think of it as two methods.
If the hash is non-empty you're using the hash and everything else must
be empty.
Otherwise,  it's a CA-based method  and the hash must be empty.
It's legal for everything to be empty, but that's not a very secure
configuration.

In terms of ID cards added by a user, we will force the hash to be
empty, the CA cert to be empty and all the user to enter one or both of
the name constraints.