Documentation and Testing Content Security Spec Review Meeting 2010-09-03
Jump to navigation
Jump to search
Arien to do a second pass on the spec, then open up for a sub-group call for consensus, prior to full WG call for consensus.
Attendees
John Moehrke
Brett Peterson
Beau
Umesh
Greg Meyer
Document Review
Started from where we left off last time
Certificate Chaining
Update to state the signatures MUST include the complete cert chain
On discovery, 3 options:
- Store intermediate certs locally
- Use one of the RFC cert extension methods to discover certs
- Use the same discovery method you use (DNS, LDAP, etc.)
Certificate Trust
Section is fine.
Would like to find a normative reference
Private Key
Need to update terminology to always refer to private key
Message Wrapping
Update to state: if you do message wrapping, here's how to do it.
Update conformance section to document agreement of the S&T WG
Process Outgoing
CHange NHIND to more neutral language.
Process Incoming
Decrypt then verify that you are holding a multipart/signed message with a valid signature.
Actions
Arien to do a second pass on the spec, then open up for a sub-group call for consensus, prior to full WG call for consensus.