RE: ACTION-59 Draft section 9 from Doyle, Bill on 2007-01-11 (public-wsc-wg@w3.org from January 2007)

From: Doyle, Bill <wdoyle@mitre.org>
Date: Thu, 11 Jan 2007 14:16:14 -0500
To: "Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com>
Cc: <public-wsc-wg@w3.org>
Message-ID: <518C60F36D5DBC489E91563736BA4B580128B0A6@IMCSRV5.MITRE.ORG>

Thanks for the feedback Mez,

 

Can do! 

 

Bill D.

wdoyle@mitre.org

 

 

 

 

-----Original Message-----
From: Mary Ellen Zurko [mailto:Mary_Ellen_Zurko@notesdev.ibm.com] 
Sent: Wednesday, January 10, 2007 11:24 AM
To: Doyle, Bill
Cc: public-wsc-wg@w3.org
Subject: RE: ACTION-59 Draft section 9

 


Hi Bill, 

Good start, and thanks for taking this on. It's a substantial piece of
groundwork for us. 

Can you flesh out the items in protocools by listing the parts of the
protocols that provide (potential) security context information? Which
headers in HTTP? What does PKIX provide? SSL; you seem to have missed
saying anything about server authentication (and what information
associated with that). And so on. Does that make sense? I'm looking for
a one-stop list of potential inputs for the display of security context
information. You don't need to put in a lot of data that's redundant
with specs. You can, for example, just list fields or items and include
a reference to the spec that describes them. 

          Mez





"Doyle, Bill" <wdoyle@mitre.org> 
Sent by: public-wsc-wg-request@w3.org 

01/03/2007 09:22 AM 

To

Timothy Hahn/Durham/IBM@IBMUS, <public-wsc-wg@w3.org> 

cc

 

Subject

RE: ACTION-59 Draft section 9

 

 

 




Tim, 
  
I have made a major update to the Security Context Available section. 
  
http://www.w3.org/2006/WSC/wiki/NoteSecurityContextAvailable
<http://www.w3.org/2006/WSC/wiki/NoteSecurityContextAvailable>  
  
and I am still in the process of cleaning it up and will sent out a
note to the team this AM. 
  
Thx 
Bill D. 
  

________________________________

From: public-wsc-wg-request@w3.org
[mailto:public-wsc-wg-request@w3.org] On Behalf Of Timothy Hahn
Sent: Tuesday, January 02, 2007 4:03 PM
To: public-wsc-wg@w3.org
Subject: ACTION-59 Draft section 9


Hi all, 

I have added a new table here:
http://www.w3.org/2006/WSC/wiki/ContextPresentation in an attempt to
merge the bullet list from
http://www.w3.org/2006/WSC/wiki/NoteSecurityContextAvailable and the
previous table. 

I took the liberty of adding a third column "known weaknesses and
attacks". 

I am looking for feedback and additional input to this table before
adding it in as Section 9. 

Thanks, 
Tim Hahn

Internet: hahnt@us.ibm.com
Internal: Timothy Hahn/Durham/IBM@IBMUS
phone: 919.224.1565     tie-line: 8/687.1565
fax: 919.224.2530

Received on Thursday, 11 January 2007 19:16:30 UTC