[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: wsse:Embedded
I have some questions on Embedded References in section 7.4 of the core. The definition of the wsu:Id attribute of the wsse:Embedded element is "An optional string reference for this element". This says to me that the wsu:Id refers to the wsse:Embedded element itself. However, the example indicates that the wsu:Id refers to the element pointed to, with the further assumption that tok1 is local. I thought that the main idea of Embedded was to have the token literally in the STR. Wouldn't a better example be: (or am I mis-understanding the purpose of the embedded element.) <S:Envelope> <S:Header> <wsse:Security> ... <wsse:SecurityTokenReference> <wsse:Embedded> <saml:Assertion ...> ... </saml:Assertion> </wsse:Embedded> </wsse:SecurityTokenReference> ... The way Embedded is used in the example in the core document (lines 734 to 735) seems to me to be better represented by using the KeyIdentifer. Also, lines 730 and 733 use the element KeyIdentifer. Don ==================== Donald Flinn Managing Partner Flint Security Phone: (781) 856-7230 e-mail: flinn@alum.mit.edu Web Page: http://dflinn.home.attbi.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]