- From: Ed Simon <edsimon@xmlsec.com>
- Date: Sun, 7 Sep 2008 15:21:50 -0400
- To: <tlr@w3.org>
- Cc: <public-xmlsec@w3.org>
I do not see anything that would be need to changed in the EXI specs. However, given the nature of those specifications, my read-through does not constitute an actual security review which, I feel, would require a relatively indepth hands-on (e.g. playing with EXI toolkits, writing security code (e.g. code to sign EXI, encrypt portions, explore EXI-formatted signatures, etc.). _____________________________ Ed Simon <edsimon@xmlsec.com> Principal, XMLsec Inc. (613) 726-9645 Interested in XML, Web Services, or Security? Visit "http://www.xmlsec.com". New! "Privacy Protection for E-Services" published by Idea Group (ISBN: 1-59140-914-4 for hard cover, 1-59140-915-2 for soft cover). Includes a chapter, by Ed Simon, on "Protecting Privacy Using XML, XACML, and SAML". See the Table of Contents here: "http://tinyurl.com/rukr4". -----Original Message----- From: public-xmlsec-request@w3.org [mailto:public-xmlsec-request@w3.org] On Behalf Of Thomas Roessler Sent: September 2, 2008 12:26 To: Ed Simon Cc: public-xmlsec@w3.org Subject: Re: ACTION-22: Review EXI docs that were published On 2008-09-02 12:33:47 -0400, Ed Simon wrote: > There are certainly technical issues that could be important, but > before committing to fully exploring those, we should discuss the > validity of the use cases (see 1) to 3) in my prior email) with the > EXI WG. Well, I believe they're getting ever closer to a last call, so if there are things that we believe need to be changed in their spec, it's about time to start raising them. -- Thomas Roessler, W3C <tlr@w3.org>
Received on Sunday, 7 September 2008 19:12:11 UTC