W3C home > Mailing lists > Public > www-xkms@w3.org > March 2002

XKMS requirements notes

From: Frederick J. Hirsch <hirsch@fjhirsch.com>
Date: Wed, 13 Mar 2002 15:50:27 -0500
Message-ID: <3C8FBB93.1040803@fjhirsch.com>
To: www-xkms@w3.org, fjh@fjhirsch.com
My  apologies for arriving late on the teleconfernce call.  I have a 
couple of questions regarding the requirements, that might need to be 
added to the issues list.

1) 2.3.1 This should be made into a requirement with language like
"Trust servers MAY provide introspection..."
I don't think MUST would be appropriate here.

2) we might want to add language that although ASN.1 tools aren't 
required by XKMS, applications which deal with X.509 certs will need to 
deal with ASN.1 if they operate on the certs...

3) I'm not sure I'm comfortable with the wording in 2.2.1 saying "no 
security" is the third option when the third option is really security 
by alternative means. This may require an editorial pass.

4) Is requiring support for bulk (MUST) ok, even if not addressed in the 
first XKMS spec? I believe so but thought I'd mention it.

Thanks Joseph for the improvements to the document. I have a few minor 
additional editorial comments

2.1.7 s/enable client, to obtain/enable clients to obtain/

2.1.8 s/request, will not/request will not/

2.1.12 s/SHOULD not/SHOULD NOT/

2.4.15 s/ill effect),/ ill effect/

2.5.4 s/PX509/X.509/

2.5.4 s/format which MUST/format MUST/


< Frederick
Received on Wednesday, 13 March 2002 15:40:32 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:07:18 UTC