[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Comments: Async, Code-Signing, XAdES, ESeal
Trevor, Thanks very much for going through this profile and correcting some of the details. I have uploaded a new version 05 of the entity seal profile with revision marks highlighting the changes. It was my intention to leave a certain amount of flexibility in the Entity Seal profile, enabling interoperability for the basic functions but allowing a certain amount of extension / variations to support additional functionality. Whether this makes the profile "abstract" or "concrete" I am not sure. More specifically on some your points: 2.6.1 Whether it is a "concrete" profile or not I do not think that alternative underlying bindings should be precluded. One binding is recommended for interoperability but I can envisage situations where other security solutions may be useful. 3.1.1 At this stage the form of Claimed identity should not be restricted. 3.1.1 The profile should not preclude use of other optional input. 5 The only part of XAdES this profile requires to be supported is signing time. Other elements may be supported, as with other extensions to the Core. I do not think that this is significant enough tp warrant mention in the introduction. 6.1 Even though the RequesterIdentity is not an optional output it is still set as part of the Sign process. 6.2 There is not need to further constrain the other signature properties beyond what is in the Core. Nick > -----Original Message----- > From: Trevor Perrin [mailto:trevp@trevp.net] > Sent: 08 November 2004 08:42 > To: dss@lists.oasis-open.org > Subject: [dss] Comments: Async, Code-Signing, XAdES, ESeal > > > > 'nother round of profile comments: > > (comments in change-tracking): > http://trevp.net/dss/oasis-dss-1.0-profiles-asynchronous-processin > g-spec-wd-04.doc > http://trevp.net/dss/oasis-dss-1.0-profiles-eseal-spec-wd-04.doc > http://trevp.net/dss/oasis-dss-1.0-profiles-XAdES-spec-wd-05.doc > > > Code-Signing > ------------------------------ > Section 1, the more recent profile template drops the terms "protocol > profiles", "signature profiles", "processing profiles", since it was > confusing to label the parts of a profile as profiles. Instead it says > "This document profiles the protocols, processing rules, etc.." > > Section 2.1, the 2 paragraphs should be more clearly linked, eg: "If it > does so, " > > Section 3.1.1: this says async support is MUST, but Section 2.1 > said it was > MAY. > > Sections 4 and 5 could be removed, and the Introduction revised in light. > > Section 6: what is a "ReferenceID"? Also, the last bullet is truncated. > > Section 7, second bullet: s/transport or security/security/ > > > Trevor > > > To unsubscribe from this mailing list (and be removed from the > roster of the OASIS TC), go to > http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_wor > kgroup.php. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]