[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: editorial comments on WSS 1.0 core
Hello, I'm now working in a group which make a (non-normative) Japanese translation of WSS 1.0 specs. During our work, we found some editorial errors. I hope these errors/comments will be considered and reflected to the errata document. (1) P3 L29-L30 [original] | This is a technical committee document submitted for consideration by the OASIS Web | Services Security (WSS) technical committee. Please send comments to the editors. Should we change this status description to show that this document has been approved as an OASIS Standard? [from SAML v1] | This is an OASIS Standard document that was approved by the OASIS | membership on 5 November 2002. [from SAML v1.1] | This is an OASIS Standard document produced by the Security Services | Technical Committee. It was approved by the OASIS membership on 2 | September 2003. (2) 5 Security Header P16 L469 [original] | omit a actor "a" should be "an". [change to] | omit an actor (3) 7.1 SecurityTokenReference Element P22 L677 [original] | in preferred order (i.e., most specific to least specific): I think the words in the parentheses are meaningless after "Embedded References" is added to the list. (I think "Embedded References" is most specific one.) I'd like to propose to remove them. [change to] | in preferred order: (4) 8.3 Signing Tokens P30 L1056- [original] | During this step, canonicalization of the | replacement node set MUST be augmented as follows: | * Note: A namespace declaration xmlns="" MUST be emitted with every apex I think the "Note:" at the front of Line 1058 is unnecessary because the listing item is following after "as follows:". [change to] | During this step, canonicalization of the | replacement node set MUST be augmented as follows: | * A namespace declaration xmlns="" MUST be emitted with every apex (5) 9 Encryption P32 L1125-L1126 [original] | Specifically what this specification describes is how three elements (listed below and defined in | XML Encryption) can be used within the <wsse:Security> header block. This chapter describes how to use <xenc:ReferenceList> and <xenc:EncryptedKey> elements within <wsse:Security> header block. So, "three elements" should be "two elements". [change to] | Specifically what this specification describes is how two elements (listed below and defined in | XML Encryption) can be used within the <wsse:Security> header block. (6) 9.3 Processing Rules P33 L1221 [original] | Encrypted parts or using one of the sub-elements ... "or" should be removed. [change to] | Encrypted parts using one of the sub-elements ... (7) 9.4 Decryption Transformation P35 L1281-1283 [original] | If the producer wishes to sign a message that MAY subsequently be encrypted by an | intermediary then the producer MAY use the Decryption Transform for XML Signature to explicitly | specify the order of decryption. The first "MAY" in Line 1281 should be "may". [change to] | If the producer wishes to sign a message that may subsequently be encrypted by an <omitted> (8) 13.1 General Considerations P42 L1524-L1526 [original] | proper use of digital signature and encryption (signing/encrypting critical parts of the | message, interactions between signatures and encryption), i.e., signatures on (content | of) encrypted messages leak information when in plain-text) There is an extra right parenthesis ")". I think the right paren in line 1525 (just after "encryption") can be removed. [change to] | proper use of digital signature and encryption (signing/encrypting critical parts of the | message, interactions between signatures and encryption, i.e., signatures on (content | of) encrypted messages leak information when in plain-text) (9) 16 References References are divided into two parts by the following sentense (Line 1673). [original] | The following are non-normative references included for background and related material: In fact the references before Line 1673 are just cited from the original "WS-Security" spec and the references after Line 1673 are added by WSS TC. I think the sentence at Line 1673 is meaningless, so I'd like to propose to remove Line 1673 (and sort the references). (10) Appendix B: SecurityTokenReference Model P53 L1813-L1814 [original] | However, other mechanisms such as "principal | name" are not required to be unique and therefore such references may be unique. I think the last part of this sentence should be "may not be unique". [change to] | However, other mechanisms such as "principal | name" are not required to be unique and therefore such references may not be unique. --- NISHIMURA Toshihiro (FAMILY Given) nishimura.toshi@jp.fujitsu.com STRATEGY AND TECHNOLOGY DIV., SOFTWARE GROUP, FUJITSU LIMITED
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]