OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] AI-37 DSig Core change proposal

> Thanks for another excellent document. I have a couple of 
> questions and comments. 

Just to note, most of these are from the SAML 1.0 text that I left intact in the first few sections.

> 5) 5.4.3
> Should we remove this:
> "Profiles MAY permit other methods, or recommend that 
> specific methods be used or omitted, if it can be assumed 
> that processing will not be affected in the application of 
> the profile"
> or do we want to say that canonicalization must allow 
> signature verification outside the original XML context?

I don't feel strongly about keeping it. I figured people might want to leave an "out" for profiles that wanted to define their own
rules for efficiency or whatever. I'm not sure it's really needed, since the profile here is close to maximal efficiency anyway.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]