[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] SwA Profile draft 15 vote Dec 14
Ron Thanks for your review. Regarding the question, should we change this to be less ambiguous, for example: "When an attachment is encrypted, an <xenc:ReferenceList> element MAY be placed as a direct child of the <wsse:Security> header, but is not required." I assume the typos can be fixed after the vote, and if we agree this text can be changed as well. Thanks regards, Frederick Frederick Hirsch Nokia -----Original Message----- From: ext Ron Monzillo [mailto:Ronald.Monzillo@Sun.COM] Sent: Monday, December 13, 2004 4:47 PM To: Hirsch Frederick (Nokia-TP/Boston) Cc: wss@lists.oasis-open.org Subject: [wss] SwA Profile draft 15 vote Dec 14 Frederick, I support the profile being made a committee draft. In that context, I have the following question: > 438:When an attachment is encrypted, no <xenc:ReferenceList> element > is placed as a direct child of the <wsse:Security> header, since the > <xenc:EncryptedData> element is present in the header, eliminating the > need for this reference. Although the SOAP Message Security standard > recommends the use of <xenc:ReferenceList>, this is only necessary > when the <xenc:EncryptedData> element is not present in the > <wsse:Security> header. Does the profile effectively prohibit the use of a ReferenceList (in a Security header) to reference an encrypted attachment? It would seem that a RL would be convenient when multiple things (including attachments) are being signed, perhaps not with an encrypted key. I noticed the folloiwng trivial typo > 148: Some of these attachments may be have (extra word "be") > a content type corresponding to XML, but do not contain the primary > SOAP envelope to be processed. similarly trivial, it likely would be better to remove the word "still" from the following, as it seems to duplicate the notion of signing something that was already signed. > 240: it is possible to sign a MIME part that already contains a signed > object created by an application. It may still be sensible to sign > such an ---- Ron To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup .php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]