Comments on draft-sstc-core-07.doc and examples

["Edwards, Nigel" <Nigel_Edwards@hp.com>]

My main comment on draft-sstc-core-07.doc is that the respond element
defined on page 6, implicitly defines a fairly complicated protocol.
For the sake of interoperability, I would like to see this protocol
defined explicitly.

I could not find the definition of the <Authority> element in the document.

I will refrain from commenting on sections of the document that will need
changing when we have achieved consensus on the various items on our issues 
list.

I thought the examples document contained useful explanatory material,
although I would like to see examples drawn from our existing use case
document too. On page 12 #2.2.2 the text explaining the <Decision> element
seems to be a straight cut and paste of the text in #2.1.5. It certainly
does not explain the <Decision> element.

Nigel.

> -----Original Message-----
> From: Phillip Hallam-Baker [mailto:pbaker@verisign.com]
> Sent: 14 May 2001 19:46
> To: 'security-services@lists.oasis-open.org'
> Subject: CORE draft 0.7 plus examples
> 
> 
> All,
> 
> 	I have made some minor corrections to typos that were 
> pointed out in
> the 0.6 draft and revised the examples and explanations draft 
> to match the
> core draft.
> 
> This corrects the following problems:
> 
> * Issuer incorrectly typed 'issue' in schema
> * Failed to remove Validity depends upon from one of the 
> schema fragments
> * Failed to update the Authorization tag and the binding tag
> 
> 	The draft still incorporates the protocols section 
> pending new text
> from Tim Moses. 
> 
> 	The main issue in my mind is defining the request structure. 
> 
> 	I have not expanded on the password auth passthrough scheme that
> steve and I have worked on. However people will note that the 'ticket'
> example now uses the <Authenticator> mechanism.
> 
> 		Phill
> 
> Phillip Hallam-Baker FBCS C.Eng.
> Principal Scientist
> VeriSign Inc.
> pbaker@verisign.com
> 781 245 6996 x227
> All, 
> 
>