OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [wss] questions and comments on WSS Core

Here are some questions and comments I got after reading the core. I tried to drop those other people had reported already.
  1. lines 193-195: Where does the threat of replay attacks belong to? To the first or the second group?
  2. line 238: Since this is a normative text, how "inappropriate claims" is defined here?
  3. lines 251-255: Since the UrenameToken element does not have password digest, what is the purpose of the Nonce and Created elements here? 
  4. paragraphs in lines 535-537 and 538-540 repeat each other and one of them needs to be eliminated.
  5. line 1016: what specification's section 4.5.3 does it refer to? The above text implies XML Encryption. It should be explicit.
  6. line 1155: the meaning of "materially" is unclear.
  7. lines 1430, 1431: The clause "these elements be included in the signature" is unclear. What does "included in the signature" mean? Should they be signed?
  1. lines 357 and 358: "whose" should be replaced with "which"
  2. lines 402, 497, 767, 954, 1132, 1192, 1224: incorrect grammar
  3. line 585: replace "principals" with "principles"
  4. line 676: what is "consant"?
  5. The sentence spanning lines 1112 and 1113 has an incomplete independent clause.
 Konstantin Beznosov                     Security Architect
 Quadrasis -- We Unify Security    http://www.quadrasis.com
 Hitachi Computer Products (America), Inc.
 1601 Trapelo Road                  Phone:  781 768 5840
 Waltham, MA 02451                  Fax:    781 890 4998

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC