W3C home > Mailing lists > Public > www-xkms@w3.org > December 2002

Re: Change log #1

From: Joseph Reagle <reagle@w3.org>
Date: Tue, 17 Dec 2002 14:04:48 -0500
To: "Hallam-Baker, Phillip" <pbaker@verisign.com>, Just.Mike@tbs-sct.gc.ca
Cc: www-xkms@w3.org
Message-Id: <200212171404.49266.reagle@w3.org> 

On Tuesday 17 December 2002 13:05, Hallam-Baker, Phillip wrote:
> > > [P86] No change, existing text is sufficient
> > > There is an inline definition: a signing oracle, that is
> > sign a messages
> > > whose content is guessable by an attacker.
> I think the fragment makes sense with the full context.

Now [87]
  [87] Security Consideration: Care must be taken when signing 
  responses to ensure that the service does not provide a signing 
  oracle, that is sign messages whose content is guessable by an attacker.

this should be "...service does not provide a signing oracle that signs 
messages whose content..."

> These domain names are reserved for use in documentation and are not
> available for registration.
> OK works for me.

Ok!
Received on Tuesday, 17 December 2002 14:04:58 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 20 September 2007 14:30:56 GMT