coel message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Fw: Observations on Committee Draft 01
- From: Paul.Bruton@tessella.com
- To: "David Snelling" <David.Snelling@UK.Fujitsu.com>
- Date: Tue, 3 Nov 2015 14:08:23 +0000
Tessella Ref: NPD/7907/CL/CSC/2015Nov03/13:52:33
Hi David,
Just to let you know I have updated
all four of the below documents and uploaded to the OASIS website ready
for another ballot.
One additional change I made was to
add OperatorID to the inputs of operator/device on the basis that there
is no authorisation header in this request (as with operator/consumer).
One cold argue that it is not required since the operator can be derived
from the consumer (already registered), but the preamble on this method
refers to the 'requesting operator' so I thought it should be explicit.
Many thanks
Paul
Dr. Paul Bruton
----- Forwarded by Paul
Bruton/Tessella on 03/11/2015 13:49 -----
From:
Paul Bruton/Tessella
To:
coel@lists.oasis-open.org
Date:
03/11/2015 12:17
Subject:
Observations
on Committee Draft 01
Tessella Ref: NPD/7907/CL/CSC/2015Nov03/12:17:49
Hi,
I've finished reviewing the documents
and have a number of observations. Most are typographic (there are some
strange numbers appearing in words like '5uthorized5d' and there is one
'bug' which I raised yesterday. The paragraph on authorisation and authentication
in the IDA was what we agreed would be the wording across the MMI, BAP
and PQI as it is clearer with respect to how the passwords are presented
and encoded. I think this is not a bug but has the potential to confuse
or mislead.
Happy to discuss on our call pending
a vote.
Thanks
Paul
BAP
- contains the phrase 'pseudonymous
identity key'. I think 'identity should be removed'
MMI:
- Section 2 'Coeition'
misspelling
- Section 2.1: paragraphs on A&A are
not what we agreed: See IDA example:
"HTTP basic authentication SHALL be
used to authenticate calls to the API. Passwords SHOULD be 64 bytes in
length and supplied as a base 64 encoding string. This MUST be converted
to ASCII and prefixed with the userid followed by a colon to form the token
passed in the HTTP Authorisation Header."
Section 2.1 ; mis-spellings like '5uthorized5d'
- Section 2.7 Bug referred to yesterday:
Timestamp and Signature should refer to DeviceID, not ConsumerID
PQI:
- Section 2.1: paragraphs on A&A are
not what we agreed: See IDA example above
- Misspelling '5nrecognized'
- Section 2: Paragraph "The query interface
has one method ..." has no normative keywords.
IDA
- Section 4.2: misspelling: '7uthorized7d'
Dr. Paul Bruton
Tessella
Chadwick House, Birchwood Park, Warrington, WA3 6AE
E: Paul.Bruton@tessella.com,
T: +44 (0)7557 916535
www.tessella.com
Registered in England No. 1466429
Please consider the environment
and do not print this e-mail unless you really need to.
This message is commercial in confidence and
may be privileged. It is intended for the addressee only. Access to this
message by anyone else is unauthorised and strictly prohibited. If you
have received this message in error, please inform the sender immediately.
Please note that messages sent or received by the Tessella e-mail system
may be monitored and stored in an information retrieval system.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]