[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] RE: [wss] Canonicalization
There are a number of clarifications relevant here. There is also a misunderstanding here regarding the relationship between the SAML core specification and the WSS SAML Token binding. The WSS SAML Token binding defers completely to the WSS core draft regarding canonicalization (lines 222-224, 345-347). It makes no reference to the recommendations for digital signing found in the SAML core specification. So fundamentally, there is no WSS issue here. It is correct to say that the SAML 1.0 core document references non-exclusive Canonicalization spec ( URL http://www.w3.org/TR/2001/REC-xml-c14n-20010315) . This is mainly because exclusive canonicalization was not available at the time the SAML 1.0 was finalized. As part of the ongoing SAML 1.1 discussion, this issue is being revisited and discussed on the SAML list. Scott Cantor has published a working draft that clarifies some the relevant issues. YOu can find the draft at: http://lists.oasis-open.org/archives/security-services/200209/msg00034.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC