Hi Von, Thanks for your comment. First of all, we decided to drop the support for MLS from the secure channel profile. So, it now support only for TLS (or SSL) as a secure channel. Regarding with your second comment, I will work on clarify what the "secure channel" means. I think you comment makes sence. Thanks a lot, Takuya From: Von Welch <vwelch@ncsa.uiuc.edu> Subject: Comments wrt Secure Channel 1.0 Profile Date: Fri, 7 Oct 2005 05:39:02 -0500
Two nits, one general comment. - Von
Section 3.2.1: I find it odd that while for message-level security encryption is mandated, it's not for TLS (as I read the BSP-1.0 document, it's optional). Is this intentional or is encryption assumed with TLS?
General comment: In part the above comment comes from the fact that the document doesn't clarify what a "secure channel" is. At the architectural level, what does the use of this profile provide? It seems to be the intention that it is a channel has authentication, privacy and integrity attributes, but that is only implied.
R0312, R0313, R0314, R0315, R0316: "When using Message Level Security..." This phrase seems confusing since many of the instances discussed don't actually occur at the time messages are being sent. I would suggest "In order to support Message Level Security..."