Documentation and Testing Content Security Spec Review Meeting 2010-09-03

From Direct Project
Jump to: navigation, search


John Moehrke
Brett Peterson
Greg Meyer

Document Review

Started from where we left off last time

Certificate Chaining

Update to state the signatures MUST include the complete cert chain

On discovery, 3 options:

  1. Store intermediate certs locally
  2. Use one of the RFC cert extension methods to discover certs
  3. Use the same discovery method you use (DNS, LDAP, etc.)

Certificate Trust

Section is fine.

Would like to find a normative reference

Private Key

Need to update terminology to always refer to private key

Message Wrapping

Update to state: if you do message wrapping, here's how to do it.

Update conformance section to document agreement of the S&T WG

Process Outgoing

CHange NHIND to more neutral language.

Process Incoming

Decrypt then verify that you are holding a multipart/signed message with a valid signature.


Arien to do a second pass on the spec, then open up for a sub-group call for consensus, prior to full WG call for consensus.