[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Further comments on WSS 1.1 Kerberos Token Profile
Here are some further comments on WSS 1.1 Kerberos Token Profile CD doc[1]. Gudge [1] http://www.oasis-open.org/committees/download.php/13390/wss-v1.1-spec-pr -KerberosTokenProfile-01.pdf 1. Line 198 - This text implies that the ValueType attribute exists in the STR element. But STR doesn't support ValueType. Does it mean wsse:STR/wsse:Reference/@ValueType? If so, it should say so. 2. Lines 303-305 don't make any sense to me. I propose that they be reworded as follows; "It should be noted that transport-level security MAY be used to protect the message and the security token in cases where neither a wrapped AP-REQ nor an unwrapped AP-REQ combined with timestamp and signature are being used." 3. Lines 307-329 - It's not clear to me what the criteria are for normative vs non-normative references. For example, it seems odd that WSS would be a non-normative reference from a token profile for WSS. 4. Lines 322-325 - I think this should be a reference to WSS 1.1
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]