This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/discussion/do/listPosts/projects.ggf-editor/discussion.rec_secure_addressing_profile_1.topc4187 at Thu, 03 Nov 2022 23:20:53 GMT SourceForge : Post
Home Projects Search
User Password Logins Disabled Help

Project Home
Tracker
Documents
Tasks
Source Code
Discussions
File Releases
Wiki
Project Admin
Project: Editor     Discussion > REC:Secure Addressing Profile 1.0 > nits and signing requirement > List of Posts
Forum Topic - nits and signing requirement: (2 Items)
View:  as 
 
Update
 
Blair Dillaway
03/25/2008 7:18 PM
post5999
nits and signing requirement
Generally looks good.

Nits:
-	Need to update OGF copyright to 2007, 2008
-	I find it generally good practice to include references on first referral to external standards. The intro mentions a 
whole list of standards you rely on by short identifier only (WS-Addressing, WS-SecurityPolicy, SSL/TSL, WS-Security, …
.). Appears WS-Addressing is missing from normative refs.
-	In  Section 4, Initiator and Resource are initial caps only while in secure communication they are all CAPS. 
Consistent style is good.

Section 6
-	I believe you should require all secure addresses to be signed.  A number of bad things can happen to clients who rely
 on secure-addresses which have been tampered with as I mentioned in my comments on the secure-communications draft.
Duane Merrill
05/01/2008 10:17 AM
post6015
Re: nits and signing requirement
Resolution: Addressed nits and changed the mentioned recommendation to a requirement.

-Duane

 
Return
 

The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/discussion/do/listPosts/projects.ggf-editor/discussion.rec_secure_addressing_profile_1.topc4187 at Thu, 03 Nov 2022 23:20:54 GMT