[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Issue 399: Proposed Security Consideration Text
Michael,
Same here
+1
abbie
> -----Original Message-----
> From: Duane Nickull [mailto:dnickull@adobe.com]
> Sent: Monday, June 20, 2005 11:39 PM
> Cc: wss@lists.oasis-open.org
> Subject: Re: [wss] Issue 399: Proposed Security Consideration Text
>
>
> Michael:
>
> I concur with your thinking below which is why I question it
> initially.
> I see no reason to have pseudo implementation guidelines.
> The intent of
> the original comment perhaps belongs in a best practices or
> implementation profile white paper.
>
> +1
>
> Duane Nickull
>
> Michael McIntosh wrote:
>
> >
> >Nothing other than currently specified functionality is required in
> >order
> >for this to work.
> ><SNIP>
> >There is no doubt that XPath expressions might be generated
> which evaluate
> >to a nodeset
> >other than that which was intended, an empty (or other
> constant) nodeset
> >for example;
> >but the normal checks to verify that what must be signed is
> signed and
> >what must not be
> >signed is not should address that case.
> >
> >
> >
> >>&Thomas.
> >>
> >
>
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS
> TC that generates this mail. You may a link to this group
> and all your TCs in OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgr
oups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]