W3C home > Mailing lists > Public > www-xkms@w3.org > March 2002

Re: Proposed spec changes

From: Rich Salz <rsalz@zolera.com>
Date: Wed, 06 Mar 2002 15:49:36 -0500
Message-ID: <3C8680E0.9060802@zolera.com>
To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
CC: "'www-xkms@w3.org'" <www-xkms@w3.org>
I agree with 

> 1. Removal of unnecessary design justification & explanatory material ...

> 2. Reorganization of USER/SERVER Auth nonsense.
> 	This needs to be greatly streamlined.

 > 5. Add in bounds exceeded fault
 > 6. Use SAML versioning
 > 8. Use XML Encrypt for encrypting the private key

What is #3 Add "UseKeyWith" element?

As for #4, add Service URI element:  Do you mean to all requests?  If 
so, yes.  Should be in reply, too?  I dunno.


> [I-PayloadAuth]
> 	Require decision on how payload authentication is to be handled, in
> particular whether by a SOAP header or a signature within the Request
> packet.


Put another way:  enveloped or detached signatures, right?


> [I-PayloadHash]
> 	For establishing correspondence of response to a specific request.


Will the hash cover the signature?  If so I-PayloadAuth impacts this.


> [I-FaultHandling]
> 	We need to address this, how is XP getting on here?


What do you want to know?  (I'm on the xmlp wg :)


> [I-Passphrase]
> 	Needs to become Base64 data at the very least.


yes.


-- 
Zolera Systems, http://www.zolera.com
Information Integrity, XML Security
Received on Wednesday, 6 March 2002 15:49:20 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:38 UTC