[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [regrep] Vote on version 2.03 - ACTION ITEM
Joel,
Responses to your security related, "non-typo" type of comments
below.
Regards,
-Suresh -----Original Message-----
From: Munter, Joel D [mailto:joel.d.munter@intel.com] Sent: Wednesday, June 12, 2002 5:45 PM To: 'Oasis Registry TC' <snip>
line
3696:3697: I still believe that this specification should NOT mandate digital
signature for all content per the statement "The
Registry Client has to sign the contents before submission - otherwise the
content will be rejected."
line
3733:3734: I have the same objection to mandating digital signatures on payloads
per the text "This
packaging assumes that the payload is always signed."
[Damodaran, Suresh] What is your rationale behind your objection? line
3876:3877: Should the second occurrence of public key in the following sentence,
"To
validate a signature, the recipient of the signature needs the public key
corresponding to the signer's public key.," actually be private
key? If not then something else seems very awkward about this
sentence.
[Damodaran, Suresh] You are right. It should be "private key." <snip>
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC