Re: Comments on Draft from Mary Ellen Zurko on 2007-12-14 (public-wsc-wg@w3.org from December 2007)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Fri, 14 Dec 2007 14:27:10 -0500
To: dan.schutzer@fstc.org
Cc: public-wsc-wg@w3.org
Message-ID: <OFA26C0551.5730CB37-ON852573B1.005F7DEB-852573B1.006ADB89@LocalDomain>

Remember to create Issues for anything you want tracked. You should 
probably create a single issue for any editorial changes. 


comments as a participant:

I  note your comment in 7.1 seems to directly respond to the discussion we 
had questioning what attacks this alternative form of matching might 
allow. 

On your question in 7.2, I believe the idea is that this information is 
always protected, so that not protecting it on the network with TLS is a 
gap in the security provided. 

The second paragraph you added in SBM is not at all in spec language. As a 
reader, I can't tell if it's normative (Requirements or Techniques), or 
examples, or something else. And if it's "something else", it doesn't 
belong. Read some of the other sections to see what I mean. Try to figure 
out which of those three categories you're going for, then emulate the 
style of other sections. 

The third paragraph you added doesn't seem to belong in a spec at all. 

          Mez




From:
"Dan Schutzer" <dan.schutzer@fstc.org>
To:
<public-wsc-wg@w3.org>
Cc:
"'Dan Schutzer'" <dan.schutzer@fstc.org>
Date:
11/30/2007 07:48 AM
Subject:
Comments on Draft




Hi 

 

I just took a pass through the document and have attached it with my 
comments (view under web layout). Let me know if you want this placed 
somewhere on the website. I hesitated to write over anything on the site.

 

Dan[attachment "Web Security Context draft Nov 2007.doc" deleted by Mary 
Ellen Zurko/Westford/IBM]

Received on Friday, 14 December 2007 19:27:30 UTC