W3C home > Mailing lists > Public > public-wsc-wg@w3.org > December 2007

Re: Comments on Draft

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Fri, 14 Dec 2007 14:27:10 -0500
Cc: public-wsc-wg@w3.org
Message-ID: <OFA26C0551.5730CB37-ON852573B1.005F7DEB-852573B1.006ADB89@LocalDomain>
To: dan.schutzer@fstc.org
Remember to create Issues for anything you want tracked. You should 
probably create a single issue for any editorial changes. 

comments as a participant:

I  note your comment in 7.1 seems to directly respond to the discussion we 
had questioning what attacks this alternative form of matching might 

On your question in 7.2, I believe the idea is that this information is 
always protected, so that not protecting it on the network with TLS is a 
gap in the security provided. 

The second paragraph you added in SBM is not at all in spec language. As a 
reader, I can't tell if it's normative (Requirements or Techniques), or 
examples, or something else. And if it's "something else", it doesn't 
belong. Read some of the other sections to see what I mean. Try to figure 
out which of those three categories you're going for, then emulate the 
style of other sections. 

The third paragraph you added doesn't seem to belong in a spec at all. 


"Dan Schutzer" <dan.schutzer@fstc.org>
"'Dan Schutzer'" <dan.schutzer@fstc.org>
11/30/2007 07:48 AM
Comments on Draft



I just took a pass through the document and have attached it with my 
comments (view under web layout). Let me know if you want this placed 
somewhere on the website. I hesitated to write over anything on the site.


Dan[attachment "Web Security Context draft Nov 2007.doc" deleted by Mary 
Ellen Zurko/Westford/IBM] 
Received on Friday, 14 December 2007 19:27:30 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:14:19 UTC