OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Groups - sstc-saml-x509-authn-based-attribute-protocol-profile-2 0-draft-07.pdf uploaded


Title: Message
Rick, perhaps not.
 
If you read the full spec, it does say sign the Response and then later sign the Assertion. So I would have interpretted as both.
 
Anyone else?
 
Tom.
-----Original Message-----
From: Randall Rick [mailto:randall_rick@bah.com]
Sent: Tuesday, May 24, 2005 7:44 AM
To: Thomas Wisniewski; security-services@lists.oasis-open.org
Subject: Re: [security-services] Groups - sstc-saml-x509-authn-based-attribute-protocol-profile-2 0-draft-07.pdf uploaded

Tom,
 
Sorry I missed that comment earlier.  The intent is to sign both.  Do I need to post another draft to clarify this?
 
 
 ~ Rick


From: Thomas Wisniewski [mailto:Thomas.Wisniewski@entrust.com]
Sent: Tuesday, May 24, 2005 12:27 AM
To: security-services@lists.oasis-open.org
Subject: RE: [security-services] Groups - sstc-saml-x509-authn-based-attribute-protocol-profile-2 0-draft-07.pdf uploaded

Rick, looks good. Only one comment.

There is a incocnsistency in lines 156 and 245. Basically when you are sending the Assertiton back, you can sign, the Response, the Assertion (inside the Response), or both. Line 156 seems to mandates signing the Response (and makes no mention of the assertion) whereas line 245 (which elaborates on the signing), mandates signing the Assertion (and makes no mention of the response).

Was your intent to sign only one of the 2 (or to sign both items, which seems a bit much)?

Tom.

-----Original Message-----
From: rrandall_bouncemail@bah.com [mailto:rrandall_bouncemail@bah.com]
Sent: Monday, May 23, 2005 6:57 PM
To: security-services@lists.oasis-open.org
Subject: [security-services] Groups - sstc-saml-x509-authn-based-attribute-protocol-profile-2 0-draft-07.pdf uploaded


The document named sstc-saml-x509-authn-based-attribute-protocol-profile-2
0-draft-07.pdf has been submitted by Mr. Rick Randall to the OASIS Security Services (SAML) TC document repository.

Document Description:
Draft v07 of the X.509 authn profile, PDF format.

This draft incorporates comments provided by Thomas Wisniewski and Scott Cantor of the SSTC on draft 06.

Many thanks to Tom and Scott for their comments.

View Document Details: http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=12818

Download Document: 
http://www.oasis-open.org/apps/org/workgroup/security/download.php/12818/sstc-saml-x509-authn-based-attribute-protocol-profile-2%200-draft-07.pdf


PLEASE NOTE:  If the above links do not work for you, your email application may be breaking the link into two pieces.  You may be able to copy and paste the entire link address into the address field of your web browser.

-OASIS Open Administration



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]