OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [dss] Signature Verification Output





The key here is MAY want to return information, as some clients may not be
able to process the information and can't handle passing any information
back

Anthony Nadalin | work 512.436.9568 | cell 512.289.4122


|---------+---------------------------->
|         |           "Gregor          |
|         |           Karlinger"       |
|         |           <gregor.karlinger|
|         |           @cio.gv.at>      |
|         |                            |
|         |           04/01/2003 12:49 |
|         |           AM               |
|---------+---------------------------->
  >----------------------------------------------------------------------------------------------------------------------------------------------|
  |                                                                                                                                              |
  |       To:       Anthony Nadalin/Austin/IBM@IBMUS                                                                                             |
  |       cc:       <dss@lists.oasis-open.org>                                                                                                   |
  |       Subject:  RE: [dss] Signature Verification Output                                                                                      |
  >----------------------------------------------------------------------------------------------------------------------------------------------|




Tony,

I am sure there are a lot situations where the requestor wants to
know what is the information actually signed by the signtature.

What's the worth of a signature if I do not know what the signature
is about?

/Gregor

> -----Original Message-----
> From: Anthony Nadalin [mailto:drsecure@us.ibm.com]
> Sent: Monday, March 31, 2003 10:40 PM
> To: dss@lists.oasis-open.org
> Subject: Re: [dss] Signature Verification Output

[...]

> Why isn't this a "validation service" ? In most cases the
> "client" (should be requestor here) won't know what to do
> with the transformed data, and other signature-related info.
> How does this fit into signing/validating WS-Security headers ?

[...]

>> One big remaining question: does the verification service just:
>> A) verify the signature (return true/false), or
>> B) return the transformed data, and other signature-related
>> info to the client in an easy-to-read form
>>
>> The current requirements document says the latter (3.7.2 and
>> 3.7.3), but that's tentative.  Should those sections stay in or not?
>>
>> Trevor



#### smime.p7s has been removed from this note on April 01, 2003 by Anthony
Nadalin

smime.p7s

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]