OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xcbf message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xcbf] XCBF Proposed CS - change control

Title:
Alessandro,

I agree that this text could be improved. And this and several other
spots in the document should be reviewed and enhanced in the next
edition of the standard. But we could perfect this document forever
and never get around to producing a standard.

Let's move forward. When we start work on a version two of the
document, everything in it will be up for grabs.

Phil


Alessandro Triglia wrote:
  
-----Original Message-----
From: Phillip H. Griffin [mailto:phil.griffin@asn-1.com] 
Sent: Friday, April 04, 2003 21:14
To: [OASIS XCBF]
Subject: [xcbf] XCBF Proposed CS - change control


This one shows all of the changes made to the document
that we just balloted and approved to submit as an OASIS standard.

    

I have two comments.

1) The text around line 1532 (see below) is unclear as to when and how
BASE-64 is to be used.  Since we have agreed that BASE-64 is NOT used in
the CXER-encoded messages being exchanged, the meaning of the phrase
"when represented using XML markup"  is unclear.  The text should also
explain when the binary data must be converted to/from BASE-64, possibly
by describing a conceptual procedure to be followed by implementations.

-----------------------------------
So the values in the certs and crls components of type OriginatorInfo
have been Base64 [20] armored to minimize their size when represented
using XML markup while preserving their original encodings. These signed
objects must be converted back to their binary  DER encodings before
they can be used.
-----------------------------------


2) The document says that CXER must be used to encode the values of the
ASN.1 types defined in this specification.  This also includes such
types as  SignedData, SignerInfo, PrivacyBlock, etc.  However, most of
the examples all over the document actually show BASIC-XER encodings -
the CXER examples are a very small minority.

This fact may cause many readers to wrongly assume that the format of
the messages being exchanged is the one showed in the numerous examples
all over the document  (with the possible exception of
security-sensitive data).

I believe that some clarification is needed, conveying the fact that the
actual encodings will be different from the format of the XML in the
examples.

Alessandro



  
Phil

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]