Dan Harkins wrote: > The text says the method > "MUST NOT expose" the username and password. The word "expose" is not > defined and is very vague and open to interpretations that would result > in an insecure protocol. I think there is a property in a properly modeled > protocol that could replace that vague term.
OK. > I am saying that the current requirement is > vague and may not be accurate for some reasonable definitions of "expose". > I suggest a better, and more accurate description of this property. Is > there a problem with my suggestion? No. I just want to be sure I understand what you're getting at. Can you propose specific modifications to the text? i.e. quote the current text, and then write what you think it should say. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu