

Subject: [security-services] Editorial comment (or issue?) on core-31


I just noticed this one a few minutes ago...

 

Line 1262 of core-31 says the IssueInstant of a RESPONSE is the "time instant of issue of the REQUEST". I really do believe this is a cut and paste error and should really be the "time issue instant of the response". It really does change the normative meaning of the definition so it's not quite just an editorial change.

 

What harm will occur if this is left as-is for V1.0?  As far as I can recall, we specify no processing requirements in the spec for the IssueInstant.  If that's the case, then there probably is no harm in leaving it and fixing it in V1.1.

 

But if an authority uses the response creation time, and some relying party incorrectly assumes that it is supposed to be the response instant of the corresponding request, then it might decide to reject the response because of a mismatch.

 

Thoughts?

 

Rob Philpott

RSA Security Inc.

The Most Trusted Name in e-Security

Tel: 781-515-7115

Mobile: 617-510-0893

Fax: 781-515-7020

mailto:rphilpott@rsasecurity.com

 


