[Top] [All Lists]

RE: Cert-03.txt and Msg-03.txt

1998-04-27 18:26:10
Sorry about the delay, Bill -- I'm in editing mode now.

On Thursday, March 26, 1998 2:35 PM, Flanigan, Bill
[SMTP:flanigab(_at_)ncr(_dot_)disa(_dot_)mil] wrote:

                    c.  Section titles starting with Section 2.1.
Eliminate the run-on use of words.

These are the ASN.1 identifiers that correspond to the fields in the CMS
specification.  Changing these to be more "human" would lose the
connection to those fields, wouldn't it?

                    f.  Recommend that document be given a "PKI
starting with Section 2.1.

Should I use soap?

How do you mean a PKI scrub?  Remove all references to PKI?

                    g.  Section 4.1, line 6-8.  Keep this sentence,
delete the rest of the Section.

PKIX does not document the frequency of retrieval of CRLs nor does it
recommend local storage practices.  I think this is necessary to
communicate, so we should probably see if there are any more comments.

                    h.  Section 5.0, lines 2-3.  It's unclear what
relationship is between the "S/MIME agent" and "protecting the
private key."  Shouldn't the user protect his/her/its private key

They should, but I think it's important to call it out as a security
problem if you don't do something like password encrypt the private key.
Other comments?

Blake C. Ramsdell
Worldtalk Corporation
For current info, check
Voice +1 425 882 8861 x103  Fax +1 425 882 8060

<Prev in Thread] Current Thread [Next in Thread>
  • RE: Cert-03.txt and Msg-03.txt, Blake Ramsdell <=