Ah, got it. My perception "Security Considerations" usually refers to issues within the thing being defined, and (much) less so its implications on others. For example, "the password could be exposed," and not "this may result in arbitrary code being executed in your webserver." :) I think sec3 is wrongly-oriented, but don't (yet) have alternative text to propose. /r$ -- Zolera Systems, Your Key to Online Integrity Securing Web services: XML, SOAP, Dig-sig, Encryption http://www.zolera.comReceived on Friday, 4 January 2002 16:23:33 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:59:05 GMT