[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-services] [XML Signature]SAML profile of XML Signature
Editorial changes. (BTW, thanks for posting PDF not MSWord) 18-19: change to active voice, "SAML uses XML DSIG to ..." 36: "a work in progress" ? 73: Data integrity, not message? 76: "can be used to help provide" N-R. Make it more mealy-mouthed, NR is a bad concept to enforce cryptographically. :) Esp since no mention of CRL OCSP etc appears. :) 83: See 76 90: Add ", for example" to end of sentence. 95: Should both parties be postive the message transport integrity hasn't been compromised, too? 105-108 Un-indent that paragraph and make it a note. It's good to list examples. Needn't be comprehensive. 126: it's an enveloped sig, no? 133: maxoccurs defaults to 1 so its redundant. 131-133 should be consistent. 139: not sure what version of XML Schema, but should timeInstant be DateTime? 150,158: see 133 166: "may themselves be signed" ; add themselves 178: "applies to all of the"; add to Perhaps instead of super-signature containing or package signature? Just a suggestion. 186: The first sentence should be a phrase (comma not period before the i.e.), and seems to be missing a word or two. 190: message --> "messages, then" 201: strike "viz" 216: Add Phill's caveat (probably belongs elsewhere, too) that assertions can only be evaluated *after the transforms* 219: "Which means" --> "For example, this means that" Hope this helps. /r$ -- Zolera Systems, Your Key to Online Integrity Securing Web services: XML, SOAP, Dig-sig, Encryption http://www.zolera.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC