OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [wss-comment] Further comments on WSS 1.1 SAML Token Profile(issue 425 or new issue)

thanks for the suggestion Thomas, I support the change, and will
make it in the next revision if others agree.

Ron

DeMartini, Thomas wrote:
> In reviewing the "Pending Review" change for issue 425 in
> 
> http://www.oasis-open.org/apps/org/workgroup/wss/download.php/14295/wss-
> v1.1-spec-draft-SAMLTokenProfile-06.pdf
> 
> I have the following suggestion, related also to the e-mail below.
> 
> I suggest we put a period after "digested" on line 573 and delete the
> rest of the sentence.
> 
> &Thomas.
> 
> ] -----Original Message-----
> ] From: DeMartini, Thomas [mailto:Thomas.DeMartini@CONTENTGUARD.COM]
> ] Sent: Wednesday, August 24, 2005 2:01 PM
> ] To: Ronald.Monzillo@Sun.COM; Martin Gudgin
> ] Cc: wss-comment@lists.oasis-open.org
> ] Subject: RE: [wss-comment] Further comments on WSS 1.1 SAML Token
> Profile
> ] 
> ] ] > 3.	Lines 564-568 seem to disallow refering to an STR in
> order to
> ] ] > sign the STR itself, that is I can ONLY ever sign the referent,
> not
> ] the
> ] ] > referee. Is this really the intent? Or is the text trying to say
> 'if
> ] you
> ] ] > want to sign the assertion then make sure you use the STR
> ] Dereference
> ] ] > transform'?
> ] ] >
> ] ]
> ] ] no and yes.
> ] ] I will clarify this.
> ] 
> ] In keeping with "if you want to sign the assertion then make sure you
> ] use the STR Dereference transform", will that clarification include a
> ] change to line 568 to clarify that it is perfectly okay to use the STR
> ] Dereference transform for an embedded reference if you don't want to
> ] sign the reference and just want to sign the token?
> ] 
> ] If this can be done as one issue, that is okay with me.  If we think
> it
> ] is better to track it as a separate issue, we can use this e-mail to
> ] open that second issue.
> ] 
> ] 
> ] ---------------------------------------------------------------------
> ] To unsubscribe, e-mail: wss-comment-unsubscribe@lists.oasis-open.org
> ] For additional commands, e-mail: wss-comment-help@lists.oasis-open.org
> 

--

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]