Opened 15 years ago

Closed 15 years ago

#8 closed editorial (fixed)

Editorial nits from NIST

Reported by: pasi.eronen@… Owned by:
Priority: minor Milestone: milestone1
Component: draft-ietf-tls-rfc4346-bis Version: 02
Severity: Keywords:


The following comments are not security related, but we did 
notice a few editorial mistakes and nitpicks.

Page 5: Section 1.1 is listed twice.

Page 24: Section 6.2.2 Implementation note
The first sentence reads ?the currently defined which requires 
the most material is AES_256_CBC_SHA?? This is ungrammatical. 
It should most likely read, ?the currently defined CIPHERSUITE 
which requires the most material??

Page 33: Section 7.3
The statement ?If the client has sent a certificate with signing 
ability, a digitally-signed certificate verify message is sent 
to explicitly verify the certificate,? is incorrect and misleading. 
If anything, this message verifies the client?s possession of a 
particular private key, and demonstrates (to the server) the 
client?s knowledge of the form of the handshake messages that 
have been exchanged up to this point in the protocol. A 
certificate is ?verified? by checking the CA?s signature on 
the certificate, etc.

Change History (2)

comment:1 Changed 15 years ago by pasi.eronen@…

  • Milestone set to milestone1

comment:2 Changed 15 years ago by ekr@…

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.