W3C home > Mailing lists > Public > www-xkms@w3.org > December 2002

RE: Change log #1

From: Hallam-Baker, Phillip <pbaker@verisign.com>
Date: Tue, 17 Dec 2002 11:12:40 -0800
Message-ID: <CE541259607DE94CA2A23816FB49F4A310FF06@vhqpostal6.verisign.com>
To: "'Joseph Reagle'" <reagle@w3.org>, "Hallam-Baker, Phillip" <pbaker@verisign.com>, Just.Mike@tbs-sct.gc.ca
Cc: www-xkms@w3.org
OK, will apply those changes

> -----Original Message-----
> From: Joseph Reagle [mailto:reagle@w3.org]
> Sent: Tuesday, December 17, 2002 2:05 PM
> To: Hallam-Baker, Phillip; Just.Mike@tbs-sct.gc.ca
> Cc: www-xkms@w3.org
> Subject: Re: Change log #1
> 
> 
> On Tuesday 17 December 2002 13:05, Hallam-Baker, Phillip wrote:
> > > > [P86] No change, existing text is sufficient
> > > > There is an inline definition: a signing oracle, that is
> > > sign a messages
> > > > whose content is guessable by an attacker.
> > I think the fragment makes sense with the full context.
> 
> Now [87]
>   [87] Security Consideration: Care must be taken when signing 
>   responses to ensure that the service does not provide a signing 
>   oracle, that is sign messages whose content is guessable by 
> an attacker.
> 
> this should be "...service does not provide a signing oracle 
> that signs 
> messages whose content..."
> 
> > These domain names are reserved for use in documentation and are not
> > available for registration.
> > OK works for me.
> 
> Ok!
> 

Received on Tuesday, 17 December 2002 14:12:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:18 GMT