[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] RE: Comments on XML signature guidelines draft
Scott, is the addition of an "ID" attribute to SAML 1.1 worth considering? From my limited understanding of the situation, it appears that some kind of standard "hook" is needed to point to pieces of XML. As XPath is a tree pattern-matching language, unsurprisingly it often exhibits exponential behavior. The "ID" approach is not great but gives the required functionality. - prateek >> >> >>> I think this is worth considering, particularly since it >>> still avoids the use of the original slow XPath transform. It >>> seems like we have to either avoid optional pieces of the >>> spec and use the original XPath transform, or pick which >>> optional piece to use, an XPointer Reference or an XPath2 Transform. >> >>Correction: I see now that even the original XPath transform is not a >>MUST. So it would seem (unless I'm missing something) that without #id >>support in SAML, there is no way to implement the necessary >>transform or >>reference *at all* without using some optional piece of the >>specification, be it XPath, XPath2, or XPointer references. >> >>> If we can get a sense of the implementations around and >>> whether XPointer support is common, that might help decide >>> the question. >> >>For further reference in answering this question: >>http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html >> >>-- Scott >> >> >>---------------------------------------------------------------- >>To subscribe or unsubscribe from this elist use the subscription >>manager: <http://lists.oasis-open.org/ob/adm.pl> >>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC