OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: saml-dev RE: [saml-dev] Question about the base64 encoding inBrowser/POST profile

> > The questions I have are about base64 and whether any of that is
> > affected by character encoding.
> No, it's just arbitrary bytes to base64; it doesn't know if 
> it's UTF8, UTF16, Shift-JIS, gb-xxxx, etc.

I don't think there's a major issue then. The XML in the POST profile must be signed before encoding it, so in the general case,
most people are probably base64-encoding a c14nized document, which is UTF-8. We should probably just add text to the profile that
mandates that.

> I believe the problem is that the SAML schema doesn't allow 
> you to say *which* encoding is used.

There is no use of base64 in the schema apart from ds:KeyInfo/ds:Signature, in which case it should be dealt with there.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]