OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [XML Signature] DSig-01

> SOAP implicitely uses a detached signature as far as I understand.
> 
> A drawback with enveloped signatures is that they clobber 
> messages which is likely to be the reason why SOAP do not use such.

No, I think SOAP uses them detached because SOAP views the signing
aspect as a separate "module" from the core spec. I don't think SAML's
use of signing is quite so separate. But it could be, it's really just a
matter of what seems appropriate for the use case.

> I.e. using detached signatures there is no need for schemas 
> to contain an optional Signature element.

What's the cost? You already have the KeyInfo there, so the schema's
already pulling in DSig. I think "clobber" is a bit strong.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC