[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [wss] proposed changes for issue 334 (same change as diff)
To resolve issue 334, I recommend that the following changes be made in rversion 1.1 of the core. effected lines are lines 363-376 of version 1.0 of core.
*** x Tue Nov 16 09:40:09 2004 --- y Tue Nov 16 09:41:07 2004 *************** *** 3,14 **** the wsu:Id attribute so that recipients need not understand the full schema of the message for processing of the security elements. That is, they need only "know" that the wsu:Id attribute represents a schema type of ID which is used to reference elements. However, because some ! key schemas used by this specification don't allow attribute extensibility (namely XML Signature ! and XML Encryption), this specification also allows use of their local ID attributes in addition to the wsu:Id attribute. As a consequence, when trying to locate an element referenced in a signature, the following attributes are considered: o Local ID attributes on XML Signature elements o Local ID attributes on XML Encryption elements o Global wsu:Id attributes (described below) on elements In addition, when signing a part of an envelope such as the body, it is RECOMMENDED that an ID reference is used instead of a more general transformation, especially XPath [XPATH]. This is --- 3,15 ---- the wsu:Id attribute so that recipients need not understand the full schema of the message for processing of the security elements. That is, they need only "know" that the wsu:Id attribute represents a schema type of ID which is used to reference elements. However, because some ! key schemas used by this specification don't allow attribute extensibility (namely XML Signature, ! XML Encryption, and SAML Assertions), this specification also allows use of their local ID attributes in addition to the wsu:Id attribute. As a consequence, when trying to locate an element referenced in a signature, the following attributes are considered: o Local ID attributes on XML Signature elements o Local ID attributes on XML Encryption elements + o Local ID attributes on SAML Assertions o Global wsu:Id attributes (described below) on elements In addition, when signing a part of an envelope such as the body, it is RECOMMENDED that an ID reference is used instead of a more general transformation, especially XPath [XPATH]. This is
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]