The text that is new in Section 3 has the same problem that Von Welch (correctly) identified with the previous version: The document references the "Basic-Security-Profile" in section 3.2.1. I was confused at first as to whether this was the OGSA BSP or the WS-I BSP. I suggest this usage include the full title of the document being referenced. Here's one example of the text that needs to be clarified: " Note that while section 4.2 of the Basic Security Profile 1.0 mandates, recommends, and discourages support for certain ciphersuites, the Basic Security Profile 1.0 does not prohibit use of any specific ciphersuite. While section 3.3, 3.4 and 3.5 of the Profile prohibits certain ciphersuites, the Profile does not prohibit use of any specific ciphersuite other than those." Instead of writing "Basic Security Profile 1.0", can't you write "WS-I Basic Security Profile 1.0"? And instead of "Profile", can't you write "OGSA Security Profile 1.0 - Secure Channel"? (If indeed this is what you mean). And please change it in ALL places in the text, not just this single line. More broadly, I'm not sure what makes THIS one (the "secure channel") *NOT* a "BASIC Profile", while "core" is a "BASIC" profile. They're both optional to OGSA services, so arguably "BASIC" should be removed from the title of "core" as well. Stated differently, I question the logic of referring to something that addresses the fringe concept of "key information binding to an endpoint reference" as "BASIC" and referring to something that essentially just talks about TLS/SSL as apparently *NOT* "BASIC". -- Marty -----Original Message----- From: ogsa-wg-bounces@ogf.org [mailto:ogsa-wg-bounces@ogf.org] On Behalf Of Takuya Mori Sent: Tuesday, December 05, 2006 6:07 AM To: ogsa-wg@ogf.org Subject: [ogsa-wg] [update] OGSA Security Profile 1.0 - Secure Channel Dear All, I have updated the SP - SC document as we discussed in the Nov 27 conference call, and I think it's ready for FINAL CALL. Please have a look through the document. Any comments are welcomed. The updated version of the profile is available on GridForge. OGSA Security Profile 1.0 - Secure Channel: https://forge.gridforum.org/sf/docman/do/downloadDocument/projects.ogsa-wg/d ocman.root.working_drafts.security_profile_1_0/doc13560/23 Changes: - accepted all the change trackers - updated the acknowledgement section - updated the extensibility points since those of the extended profile had been updated - added a sentence on the extensibility points E009 and E011 - updated Table 6 - a number of changes, mainly gramatical errors Best regards, Takuya ---- Takuya Mori moritaku@bx.jp.nec.com / tk-mori@isd.nec.co.jp System Platform Software Development Division NEC Corporation, Tokyo Japan -- ogsa-wg mailing list ogsa-wg@ogf.org http://www.ogf.org/mailman/listinfo/ogsa-wg