RE: [wss-comment] Further comments on WSS 1.1 SAML Token Profile (issue 425 or new issue)

["DeMartini, Thomas" <Thomas.DeMartini@CONTENTGUARD.COM>]

In reviewing the "Pending Review" change for issue 425 in

http://www.oasis-open.org/apps/org/workgroup/wss/download.php/14295/wss-
v1.1-spec-draft-SAMLTokenProfile-06.pdf

I have the following suggestion, related also to the e-mail below.

I suggest we put a period after "digested" on line 573 and delete the
rest of the sentence.

&Thomas.

] -----Original Message-----
] From: DeMartini, Thomas [mailto:Thomas.DeMartini@CONTENTGUARD.COM]
] Sent: Wednesday, August 24, 2005 2:01 PM
] To: Ronald.Monzillo@Sun.COM; Martin Gudgin
] Cc: wss-comment@lists.oasis-open.org
] Subject: RE: [wss-comment] Further comments on WSS 1.1 SAML Token
Profile
] 
] ] > 3.	Lines 564-568 seem to disallow refering to an STR in
order to
] ] > sign the STR itself, that is I can ONLY ever sign the referent,
not
] the
] ] > referee. Is this really the intent? Or is the text trying to say
'if
] you
] ] > want to sign the assertion then make sure you use the STR
] Dereference
] ] > transform'?
] ] >
] ]
] ] no and yes.
] ] I will clarify this.
] 
] In keeping with "if you want to sign the assertion then make sure you
] use the STR Dereference transform", will that clarification include a
] change to line 568 to clarify that it is perfectly okay to use the STR
] Dereference transform for an embedded reference if you don't want to
] sign the reference and just want to sign the token?
] 
] If this can be done as one issue, that is okay with me.  If we think
it
] is better to track it as a separate issue, we can use this e-mail to
] open that second issue.
] 
] 
] ---------------------------------------------------------------------
] To unsubscribe, e-mail: wss-comment-unsubscribe@lists.oasis-open.org
] For additional commands, e-mail: wss-comment-help@lists.oasis-open.org