[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [regrep] Vote on version 2.03 - ACTION ITEM
My primary
argument is, "financial and technological barriers to entry." Certificate
acquisition and management are not free and not trivial. From a practical
point, I may choose to make some things that I publish, purely public and dsig
just simply is not required. I want to be able to choose what I
sign. imho Signing entries should be optional. It has been
suggested (by others) that the first two might be reconsidered in the V3
timeframe.
Joel
-----Original Message-----
From: Damodaran, Suresh [mailto:Suresh_Damodaran@stercomm.com] Sent: Thursday, June 13, 2002 7:57 AM To: 'Munter, Joel D'; 'Oasis Registry TC' Cc: Mikula, Norbert H Subject: RE: [regrep] Vote on version 2.03 - ACTION ITEM Joel,
Responses to your security related, "non-typo" type of comments
below.
Regards,
-Suresh -----Original Message-----
From: Munter, Joel D [mailto:joel.d.munter@intel.com] Sent: Wednesday, June 12, 2002 5:45 PM To: 'Oasis Registry TC' <snip>
line
3696:3697: I still believe that this specification should NOT mandate digital
signature for all content per the statement "The
Registry Client has to sign the contents before submission - otherwise the
content will be rejected."
line
3733:3734: I have the same objection to mandating digital signatures on payloads
per the text "This
packaging assumes that the payload is always signed."
[Damodaran, Suresh] What is your rationale behind your objection? line
3876:3877: Should the second occurrence of public key in the following sentence,
"To
validate a signature, the recipient of the signature needs the public key
corresponding to the signer's public key.," actually be private
key? If not then something else seems very awkward about this
sentence.
[Damodaran, Suresh] You are right. It should be "private key." <snip>
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC