Change log #1 from Hallam-Baker, Phillip on 2002-12-03 (www-xkms@w3.org from December 2002)

From: Hallam-Baker, Phillip <pbaker@verisign.com>
Date: Tue, 3 Dec 2002 08:33:09 -0800
To: "Www-Xkms (E-mail)" <www-xkms@w3.org>
Message-ID: <CE541259607DE94CA2A23816FB49F4A34D6145@vhqpostal6.verisign.com>

This is the change log on Reagle Comments (other comments in editing at
the moment)   

XKMS Part 1
 
 
 
Minor wording changes: - these are by paragraph number, not issue number
 
[P9]This document specifies protocols for distributing and registering
public keys, suitable for use in conjunction with the standard for XML
Signatures  <outbind://1/#XML-SIG> [XML-SIG] defined by the World Wide
Web Consortium (W3C) and the Internet Engineering Task Force (IETF) and
companion standard for XML encryption  <outbind://1/#XML-Enc> [XML-ENC].

 
[P40]  No change
 
The proposed alternative wording is ambiguous and weakens the
requirement from MUST NOT to MAY, MUST NOT unless is perfectly good
grammar.
 
[P42][P43] No change
 
The optional status features are as discussed at the face to face. No
concrete alternative is proposed.
 
[P57] Deferred till major edits cycle.
 
[P82] Deferred
 
The point here is that if XKMS is layered on HTTP tere is no guarantee
the notification is going to get through. although we could layer on
DIME that is nowehere near standard yet, will add in some clarifying
remarks
 
[P86] No change, existing text is sufficient
 
There is an inline definition: a signing oracle, that is sign a messages
whose content is guessable by an attacker. 
 
[P107] No change yet
 
All the examples are still requiring tweaks.
 
[P119]  Deferred 
 
See the policy identifier discussion on the list
 
[P123] No Change
 
The .test domain is specifically defined for the purpose of use in
examples, can add in a citation to the RFC if we must
http://www.rfc-editor.org/rfc/rfc2606.txt
<http://www.rfc-editor.org/rfc/rfc2606.txt> 
 
Internet Protocol addresses and Domain Name System names used in
examples are purposely chosen to avoid confusion with assigned addresses
and names. All Internet Protocol Addresses are in the reserved
non-routable network 10.x.x.x. All DNS names are in the reserved domain
.test   <outbind://1/#rfc2606> [RFC2606]
 
[P132] Deferred 
 
See the policy identifier discussion on the list
 
[P330] Deferred
 
Pending Don's report.
 
However I believe that we should specify in our draft the identifier
that we propose be used.

Received on Tuesday, 3 December 2002 11:33:13 UTC