* James M Snell wrote: > When servers or clients receive digitally signed or encrypted Entry > Documents, they are under no obligation to preserve the integrity of > the signatures or the encryption. They are allowed to modify member > resources in ways that can invalidate signatures. If such > modifications are made, it is recommended that any invalid signatures > be removed.
This should be "Servers should remove invalidated signatures". However, this may give the false impression that support for signatures is re- quired, and does not address what to do if the server does not know if a signature has been invalidated. The phrasing of "the integrity of the signatures or the encryption" is also easily misread. > A server can require that Entry Documents received from a client, > either via POST or PUT, be digitally signed with a valid > signature or are encrypted, or both. How such requirements are > communicated to the client are considered out of scope for this > specification. s/are con/is con/. > Signatures and encrypted elements are considered to be foreign markup > within an Atom document and are required to be handled according to > the rules specified in Sections 5 and 6.3 of [RFC4287]. I don't think it's useful to repeat this information here, "Handling of signatures and encrypted elements in Atom documents is discussed in sections 5 and 6.3 of [RFC4287]" would be better. -- Björn Höhrmann · mailto:[EMAIL PROTECTED] · http://bjoern.hoehrmann.de Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de 68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
