W3C home > Mailing lists > Public > public-xmlsec@w3.org > September 2008

Fwd: A couple of comments on Best Practices doc

From: Hirsch Frederick (Nokia-OCTO/Boston) <frederick.hirsch@nokia.com>
Date: Fri, 19 Sep 2008 11:15:20 -0400
Message-Id: <CA734408-E641-448F-BC01-167235299B52@nokia.com>
To: XMLSec WG Public List <public-xmlsec@w3.org>

resend to public list, please follow-up on public list.

Begin forwarded message:

> Resent-From: member-xmlsec@w3.org
> From: "ext Sean Mullan" <Sean.Mullan@Sun.COM>
> Date: September 17, 2008 4:06:11 PM EDT
> To: "member-xmlsec@w3.org" <member-xmlsec@w3.org>
> Subject: A couple of comments on Best Practices doc
>
>
> Section 1, Overview
>
> Both paragraphs say essentially the same thing. I suggest removing  
> the first paragraph, as the 2nd one contains useful links.
>
> Section 2.1.4, 4th paragraph, last sentence:
>
> "Retrieval of remote references may also leak information about the  
> verifiers of a message, as with a "web bug"."
>
> There are not enough details as to what a "web bug" is and what the  
> threat is. I suggest removing it or adding more explanation.
>
> --Sean
>
>
Received on Friday, 19 September 2008 15:16:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:54 GMT