RE: on criticality flags

Good, that is as I remembered too.

My question is specific to the Brown draft
http://www.w3.org/Signature/Drafts/xmldsig-signature-990618.html

which has always had a criticality attribute on the 'attribute' element and
that has not disappeared.  It is in the text and HTML versions.

Is the criticality flag in this case at odds with the experiences that you
and David Solo have had?

Thanks,
John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company


-----Original Message-----
From: Barb Fox (Exchange) [mailto:bfox@Exchange.Microsoft.com]
Sent: Wednesday, July 28, 1999 3:43 PM
To: John Boyer; 'DSig Group'
Subject: RE: on criticality flags


RE: > Regarding criticality flags in the attributes, I seem to recall there
being
> a fair bit of aversion at and around the initial workshop on whether we
> should have criticality flags.  The persons who expressed this opinion
> seemed to have a great deal of experience with prior security protocols.
> What were the problems, and have they been overcome?  Since the
criticality
> flags are either still included or have returned (I don't know which), I
> assume there was a resolution.  What was it?

John:

I believe that Dave Solo and I both posted on this with strong feelings
against criticality flags. My comment was that WEBDAV has already thought
this through (ck out RFC
2518) and have chosen to have clients ignore elements they do not
understand. I also share Dave's  "sub-optimal" experience with criticality
flags in PKIX. Frankly, I thought we agreed to drop them at MIT and I don't
recall any revival in Oslo.

--Barbara Fox
Microsoft

Received on Wednesday, 28 July 1999 18:52:58 UTC