FW: Minor Comments

["Nick Pope" <pope@secstan.com>]

Forwarding minor comments from Konrad

-----Original Message-----
From: Konrad Lanz [mailto:Konrad.Lanz@iaik.tugraz.at] 
Sent: 11 July 2006 12:13
To: Nick Pope; Juan Carlos Cruellas
Subject: Minor Comments

Hi Nick and Juan Carlos,

my colleague Harald Bratko thankfully invested some time to read the 
core protocol and I'd like to communicate some feedback from his review.

pls see below, sorry they are just very quick Notes.

Change [XMLSIG] to [XMLDSIG].

311 - 315: Make a forward reference to <Schema>.
344 - 345: Make a Note that ignorePIs and ignoreComments applies to the 
complete Document not just to the parts before and after the document 
element.

1436: An omitted <SignatureObject> in this sentence is not very clear.
better would be: Either a <SignaturePtr> or a single <InputDocument> and 
no <SignatureObject> MUST be used ...

1464, 1467: Font of <SignaturePtr>, <Base64XML>, <EscapedXML> is not 
consistent.

Line 314: forward reference to <Schema>

1679: Add a sentence like:
 The <VerifyManifestResults> is comprised of one or more 
<ManifestResult>s that contain the following:

1785: Change the words "signing key" against "signature".


These following things could be dealt with in the public review.

1848: The text is misleading. --> Eg. CA is trustworthy.
1852: One of the certificates in the chain is revoked
1856: What is a certifying Signature?

* ProcessingDetail the following would need to be added:
ReferenceHashInvalid
SignatureValueInvalid

Processing detail should give ds:Reference Level output just as 
ManifestResult does.

-- 
Konrad Lanz, IAIK/SIC - Graz University of Technology
Inffeldgasse 16a, 8010 Graz, Austria
Tel: +43 316 873 5547
Fax: +43 316 873 5520
https://www.iaik.tugraz.at/aboutus/people/lanz
http://jce.iaik.tugraz.at

Certificate chain (including the EuroPKI root certificate):
https://europki.iaik.at/ca/europki-at/cert_download.htm