Marius Scurtescu wrote:
>
> If ordering is not important then you are guaranteed to get it right.
> The spec could recommend alphabetical ordering, but I don't see the
> need for a must.
>
I agree.
___
specs mailing list
specs@openid.net
http://
I'm happy to drop it, just wanted to throw it out there.
--David
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Josh
Hoyt
Sent: Monday, October 16, 2006 3:48 PM
To: Marius Scurtescu
Cc: Recordon, David; specs@openid.net
Subject: Re: Notes From Dra
On 10/16/06, Marius Scurtescu <[EMAIL PROTECTED]> wrote:
> > Just so that there is an obvious one way to do it, so that it's easier
> > to get right, if I understand David's motivation. It's also easier to
> > make clear in the spec.
>
> If ordering is not important then you are guaranteed to get i
On 10/16/06, Hans Granqvist <[EMAIL PROTECTED]> wrote:
> What's the security benefit of forcing the protocol to use a
> specific order?
I don't know of any security benefit of using a specific order. I'm
pretty certain that this proposal came about to make the spec easier
to read and implement.
>
On 16-Oct-06, at 3:13 PM, Josh Hoyt wrote:
> On 10/16/06, Marius Scurtescu <[EMAIL PROTECTED]> wrote:
>> Sorting of unicode strings while not terrible hard it is not trivial
>> either. Why bother? The list of signed fields gives an explicit
>> ordering, this is good enough IMO.
>
> Sorting by UTF-
Marius Scurtescu wrote:
> On 16-Oct-06, at 2:44 PM, Josh Hoyt wrote:
>
>
>>On 10/16/06, Recordon, David <[EMAIL PROTECTED]> wrote:
>>
>>>6.1 Signed List Algorithm
>>
>>[...]
>>
>>>I'm thinking it would make sense to
>>>change this algorithm to first alphabetically sort the arguments
>>>to make
On 10/16/06, Marius Scurtescu <[EMAIL PROTECTED]> wrote:
> Sorting of unicode strings while not terrible hard it is not trivial
> either. Why bother? The list of signed fields gives an explicit
> ordering, this is good enough IMO.
Sorting by UTF-8-encoded octet sequence is easy.
> Why would be an
On 16-Oct-06, at 2:44 PM, Josh Hoyt wrote:
> On 10/16/06, Recordon, David <[EMAIL PROTECTED]> wrote:
>> 6.1 Signed List Algorithm
> [...]
>> I'm thinking it would make sense to
>> change this algorithm to first alphabetically sort the arguments
>> to make
>> it very clear in terms of ordering.
>
On 10/16/06, Recordon, David <[EMAIL PROTECTED]> wrote:
> 6.1 Signed List Algorithm
[...]
> I'm thinking it would make sense to
> change this algorithm to first alphabetically sort the arguments to make
> it very clear in terms of ordering.
I think it's a good idea to say that the signed list MUST
While I've already incorporated many of the things I found in draft 9
into 10, there were a few things which I didn't either have the right
answer to or feel that I could make the change on my own. I tried
reading through the draft as if I was reading it for the first time.
4.2 Integer Representa
10 matches
Mail list logo
