security-services message

Subject: Re: [security-services] New Issue: AssertionID/ WSS Direct reference compatability

From: Greg Whitehead <grw@trustgenix.com>
To: Ron Monzillo <Ronald.Monzillo@Sun.COM>
Date: Tue, 13 Jul 2004 16:03:39 -0700

On Jul 13, 2004, at 3:07 PM, Ron Monzillo wrote:

> There already is such an envelope in WSS
> but it's use (which causes in-lining) would preclude efficiencies
> where the same on msg token is used in multiple security opertaions
> on the msg (i.e. as the KeyInfo of two signatures)

The Embedded wrapper is different than what I am proposing -- as you 
point out, the Embedded wrapper precludes multiple use. What I am 
proposing is a wrapper that can carry the wsu:Id attribute without 
creating problems with our own schema, or requiring assertion 
generators to know a-priori how an assertion will be transported.

-Greg

Follow-Ups:
- Re: [security-services] New Issue: AssertionID/ WSS Direct referencecompatability
  - From: Ron Monzillo <Ronald.Monzillo@Sun.COM>

References:
- RE: [security-services] New Issue: AssertionID/ WSS Direct referencecompatability
  - From: Ari Kermaier <ari.kermaier@oracle.com>
- Re: [security-services] New Issue: AssertionID/ WSS Direct reference compatability
  - From: Greg Whitehead <grw@trustgenix.com>
- Re: [security-services] New Issue: AssertionID/ WSS Direct referencecompatability
  - From: John Kemp <john.kemp@nokia.com>
- Re: [security-services] New Issue: AssertionID/ WSS Direct referencecompatability
  - From: Ron Monzillo <Ronald.Monzillo@Sun.COM>