W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 1999

RD Comments

From: Richard D. Brown <rdbrown@Globeset.com>
Date: Mon, 27 Sep 1999 14:26:51 -0500
To: "'Joseph M. Reagle Jr.'" <reagle@w3.org>
Cc: "'IETF/W3C XML-DSig WG'" <w3c-ietf-xmldsig@w3.org>
Message-ID: <001701bf091e$40f5e970$0bc0010a@artemis.globeset.com>
Joseph,

Please find RD comments below.

TYPOS:
======

page 1: "...,we have introduced changes that hopefully states..."
instead: "...,we have introduced changes that hopefully state..."

#2.1: "The specification must describe how to a sign..."
instead: "The specification must describe how to sign a..."

#2.2: "...Web resources are defined as any digital content content that..."
instead: "...Web resources are defined as any digital content that..."

OTHERS:
=======

#2.3: Why sublist 2.3.1-2.3.2?

#2.3: "...via a strong one-way transformation."
note: A signature or authentication algorithm is not necessarily a one-way
function. It is a cryptographic algorithm whose strength primarily resides
in the secrecy of a key.

#2.2.2: The formal description is quite confusing. among other things, R is
defined as a resource and then used for a request. Also, what is the K
parameter listed at the end of the definition.

#2.6: "Applications are expected to normalize application specific semantics
prior to handing data to a XML-signature application."
note: Why? It shall be sufficient to specify the canonicalizer to be used by
the signature engine...

#2.6/2.7: You refer to XML-signature application. Is that correct? Don't you
think that we are referring to any XML application that makes use of the XML
Signature Specification?

#3.2.2: see current discussion on the list...

Richard D.
Received on Monday, 27 September 1999 15:28:15 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:07 GMT