[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] Signature Verification Output
Why isn't this a "validation service" ? In most cases the "client" (should be requestor here) won't know what to do with the transformed data, and other signature-related info. How does this fit into signing/validating WS-Security headers ? Anthony Nadalin | work 512.436.9568 | cell 512.289.4122 |---------+----------------------------> | | Trevor Perrin | | | <trevp@trevp.net>| | | | | | 03/31/2003 11:06 | | | AM | |---------+----------------------------> >------------------------------------------------------------------------------------------------------------------------------------------------| | | | To: dss@lists.oasis-open.org | | cc: | | Subject: [dss] Signature Verification Output | >------------------------------------------------------------------------------------------------------------------------------------------------| One big remaining question: does the verification service just: A) verify the signature (return true/false), or B) return the transformed data, and other signature-related info to the client in an easy-to-read form The current requirements document says the latter (3.7.2 and 3.7.3), but that's tentative. Should those sections stay in or not? Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]