That wording looks great.
Danny
Prasad Yendluri wrote:
Danny,
I see your intent now, thanks. How about replacing the word "include"
with "encompass", like
"Consequently, when using
WS-Security, signatures MUST include
encompass
the
semantically significant headers ...."
Will that work ?
I am concerned that the rephrased "MUST be signed" has the side affect
of requiring the use of signatures always.
Regards,
Prasad
Danny van der Rijn wrote:
I don't
think I changed any of that meaning : " when using ... MUST
... "
only changing it so that it doesn't say that the headers must be in the
signature (which IMO isn't correct), but rather says that the signature
must be *over* the headers.
that was my intention, anyway. If you still think that I changed
something, can you suggest other wording that takes my concerns into
account? Or point out where you think my intention didn't make it into
my wording?
Thanks
Danny
Prasad Yendluri wrote:
Danny van der Rijn wrote:
Suggestions:
- WS-Security added as normative reference in references section, and a
[reference] to it added in 16
Consequently, when using
WS-Security, signatures MUST include the
semantically significant headers and
the message body (as well as any other relevant data) MUST be signed so that they cannot be
independently separated and re-used.
I would not consider this editorial change though. The original text as
stated does not require signing, only that when signed the signatures
include the semantically significant headers
and
the message body. The rewording requires that messages MUST always be
signed. In addition, having a MUST requirement with "any other relevant
data" does not make sense to me (as it is not specific enough for a
MUST).
Regards.
Prasad
Mehta, Vinkesh (US - Austin) wrote:
After
reviewing Chapter 16. Security Considerations, I propose that
we accept the Chapter with no changes.
thanks,
-Vinky
Manager
Deloitte
Consulting LLP
Tel:
(or Direct:) +1 512 226 4261
Main:
+1 512 691 2300
Fax:
+1 512 480 1261
Mobile:
+ 1 512 750 2006
vmehta@deloitte.co
www.deloitte.com
400
West 15th Street, Suite 1700
Austin,
TX 78701-1648
USA
|