OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: XML Signature


	Thanks for the input. I am, as we speak, putting together a document with
some rationale for these questions. Also plan to talk with SF.


  |-----Original Message-----
  |From: Mishra, Prateek [mailto:pmishra@netegrity.com]
  |Sent: Tuesday, September 25, 2001 3:17 PM
  |To: 'Hal Lockhart'; 'Krishna Sankar'; oasis sstc
  |Cc: 'Scott Cantor'
  |Subject: RE: XML Signature
  |Here is a starting point:
  |(1) Do we need to support all
  |    three forms of signing? Detached, enveloping and enveloped
  |(2) Do we need to support all the varied forms of the
  |<KeyInfo> element?
  |(3) What is the relationship between a signed response and
  |the assertions contained within the response? Under what
  |circumstances should the "super-signature" apply to the embedded
  |assertions. Similar questions arise for requests.
  |I had initiated some discussion in the general vicinity of (3)
  |- prateek
  |>>On a previous concall, I suggested the first thing to do was
  |>>draw up a list
  |>>of what questions need to be answered to create a profile. I
  |>>don't believe
  |>>this is explicit in the spec. I also suggested that Stephen
  |>>Farrell might
  |>>provide useful input.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC