- From: <spouliot@motus.com>
- Date: Thu, 17 Jan 2002 08:46:42 -0500
- To: www-xkms@w3.org

Here are my comments...

2.1.12. "Support for legacy formats such as PKCS#10 and PKCS#7 should be defined." Add "but their support MUST be optional".

2.2.3. "Individual elements of XML Key Management protocol messages will not be encrypted." Current implementations encrypt the Private element (containing the private key). Is this really a requirement or more a wish (i.e. "should not" in place of "will not")?

2.3.5. I assume that this is about registering multiple keys (multiple usage) for a single user? As written this could be confused with bulk registration (2.3.7).

2.4. Should we split this section between the
- out of scope for XKMS
- out of scope for the initial specification of XKMS?

Or does everyone agree about which items will never get into XKMS? (I doubt)

2.4.7. "Authorization and Authorization Assertions" Must be "Authentication and Authorization Assertions"?

2.4.14. Private key retrieval is out of scope here but a requirement in 3.1.1.

2.4.16. "XML Key Management of symmetric keys." The introduction says that "it is a goal of XML key management to support the key management requirements of XML Encryption". AFAIK XMLEnc deals with both symmetric and asymmetric keys. If this is out of scope for XKMS then the introduction should be modified to specify "public key management", else (if this is out of scope for the initial specification of XKMS) we should make the requirements (and other documents) neutral about the keys.

3.1.1. Private key retrieval is a requirement but out of scope in 2.4.14.

3.4.1. "Exclusive Canonicalization support is required to..." What's the status of the document? The reference points to an undated (October 2001) draft? Is there a conflict between the EC and XKMS schedule?

--------------------------------------------------------------
Sébastien Pouliot
Architecte Sécurité / Security Architect
Motus Technologies
tel: 418 521 2100 ext 307
courriel / email: spouliot@motus.com

Received on Thursday, 17 January 2002 08:46:30 UTC