[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Editorial comments on WSS 1.1 Core
Here are some editorial comments on the WSS 1.1 Core CD document[1]. Gudge [1] http://www.oasis-open.org/committees/download.php/13397/wss-v1.1-spec-pr -SOAPMessageSecurity-01.pdf 1. I think there should be a blank line between lines 63 and 64. 2. Line 70 - s/does not/must not 3. Line 77 - s/assigns/assignees 4. Given that 'Digital Signature' comes before 'Signature' in the Terminology section (2.4) I would put the detailed description under the former and have the latter refer to it. 5. Lines 349-353 - Antagonist? Why not 'attacker'? As for as I know the intent of a 'black hat' is not to antagonise... 6. Line 396 - s/specify any signature/constrain any signature 7. Line 602 - s/[SPOAP11]/[SOAP11] 8. Line 612 - s/[SPOAP11]/[SOAP11] 9. Line 772 - s/presents framework/presents a framework or possibly s/presents framework/presents the framework 10. Line 816 - the wsse:TokenType attribute is not listed in the syntax illustration. 11. Line 816 - the wsse:Usage attribute is not listed in the syntax illustration. 12. Line 910-911 - Lumpy and has capitalized 'SHALL'. Suggest "processing rules and semantics around the value of the URI and its interpretation. If this attribute is not present, the URI MUST be processed as a normal URI." 13. I think there should be a blank line between lines 911 and 912. 14. Lines 935-936 - First sentence is lumpy. Suggest "Alternatively, if a direct reference is not used, then it is RECOMMENDED that a key identifier be used to specify/reference a security token instead of a <ds:KeyName>." 15. Line 942 - s/SHALL be/is 16. Line 947 - s/is simply/involves simply 17. Line 948 - s/a given specified/the specified 18. Line 1078 - s/EncrypteKey/EncryptedKey (font needs correcting too) 19. Line 1097 - s/demonstrated using/demonstrated by using 20. Line 1098 - s/relying party acceptance/relying party's acceptance 21. Line 1182 - s/will/might 22. Line 1227 - s/subsequent/unintentional 23. Line 1357 - It's not clear to me why this table appears here... 24. Line 1360 - /sHALL/MUST ??? 25. Line 1398 - s/<SignatureConfirmation/<wsse11:SignatureConfirmation 26. Lines 1399,1404,1410 - s//SignatureConfirmation//wsse11:SignatureConfirmation 27. Line 1444 - s/SignatureConfiramation/SignatureConfirmation 28. Lines 1586-1614 - Should this example contain a xenc:ReferenceList inside the xenc:EncryptedKey? 29. Line 1638 - Should EncryptedHeader be in Courier font? (Like on line 1670) 30. Line 1644 - s/if target/if the target 31. Line 1645 - s/SOULD/SHOULD 32. Line 1698 - s/<S12:MustUnderstand>/S12:mustUnderstand (like Line 1743 which is correct) 33. Line 1699 - s/<S11:MustUnderstand>/S11:mustUnderstand (like Line 1743 which is correct) 34. Line 1701 - s/S12:Role/S12:role 35. Line 1701 - s/S11:Actor/S11:actor 36. Line 1701 - S11:actor and S12:role should be in Courier. 37. Line 2168 - s/local Id/local ID 38. Line 2168 - ID should be in Courier 39. Line 2366-2367 - earlier we recommended against ValueType in favour of wsse:TokenType
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]