[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] disposition of the HoK profiles
Tom Scavo wrote on 2009-07-05: > I could be missing something, I suppose, but I don't see how we could > get into trouble by pushing both HoK profiles to CS at the same time. I'm not saying it's "trouble", I'm just suggesting some care be taken to avoid changing the profile post-CS-01 in a way that ends up breaking compatibility with CS-01, such that an implementation of post-CS-01 has to somehow operate in two modes. And to do that would require some kind of signal or knowledge about which mode to operate in. To put it another way, the HoK language is trying to constrain what you do when you create or process a particular confirmation method. If you turn around and somehow change that behavior, then how do I know what to do for that method? (Obviously this has always been an issue with profiling HoK, and I suppose I've never been quite sure why one wouldn't just define new confirmation methods that have *precise* definitions instead of defining everything in profiles underneath a common method.) As a "spec matter", what you're saying is totally correct, I'm not arguing over that. Just thinking about the implementation implications when you try and reuse code. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]