[ogsa-wg] Re: Comments wrt Secure Channel 1.0 Profile
Takuya Mori
moritaku at bx.jp.nec.com
Mon Oct 24 12:45:05 CDT 2005
Hi Von,
Thanks for your comment.
First of all, we decided to drop the support for MLS from the
secure channel profile. So, it now support only for TLS (or
SSL) as a secure channel.
Regarding with your second comment, I will work on clarify what
the "secure channel" means. I think you comment makes sence.
Thanks a lot,
Takuya
From: Von Welch <vwelch at ncsa.uiuc.edu>
Subject: Comments wrt Secure Channel 1.0 Profile
Date: Fri, 7 Oct 2005 05:39:02 -0500
> Two nits, one general comment. - Von
>
> Section 3.2.1: I find it odd that while for message-level security
> encryption is mandated, it's not for TLS (as I read the BSP-1.0
> document, it's optional). Is this intentional or is encryption
> assumed with TLS?
>
> General comment: In part the above comment comes from the fact that
> the document doesn't clarify what a "secure channel" is. At the
> architectural level, what does the use of this profile provide? It
> seems to be the intention that it is a channel has authentication,
> privacy and integrity attributes, but that is only implied.
>
> R0312, R0313, R0314, R0315, R0316: "When using Message Level
> Security..." This phrase seems confusing since many of the instances
> discussed don't actually occur at the time messages are being sent. I
> would suggest "In order to support Message Level Security..."
>
>
>
>
>
>
More information about the ogsa-wg
mailing list