Subject: RE: [ws-dd-comment] WS-DD 1.1 2009/01; WS-DD Issue #PR005
Dear Mr. Treptow:

Thank you very much for submitting your comment on WS-Discovery during the current public review period regarding Section 8.2 Compact Signature Format. It was assigned issue number PR005 for tracking purposes.

The WS-DD Technical Committee reviewed your comment and agreed that clarification is appropriate in Section 8.2. The editorial change made clarifies that Table 14 shows the expanded signature corresponding to the compact signature in Table 13, and is not intended to show the C14N canonicalized form. The working draft showing the change can be found at http://www.oasis-open.org/committees/download.php/31715/wsdd-discovery-1.1-spec-wd-07.docx.

We appreciate your help in making the WS-Discovery specification as clear as possible, and welcome any further comments you may have.

Best regards,

Toby Nixon
Co-Chair, OASIS WS-DD Technical Committee

From: Jay A. Treptow [mailto:jay@treptows.net]
Sent: Thursday, February 26, 2009 6:23 PM
To: ws-dd-comment@lists.oasis-open.org
Subject: [ws-dd-comment] WS-DD 1.1 2009/01

Below are comments on the Web Services Dynamic Discovery (WS-Discovery) Version 1.1 Public Review Draft 01 28 January 2009.

Section 8.2 Compact Signature Format:

The SignedInfo element in the example expanded compact signature in Table 14 is not in XML-C14N canonical form. Specifically, it does not contain end tags for elements that only have attributes and no value. I believe this is misleading for someone trying to correctly create the string to sign. I think that the example should be in canonicalized form, or at a minimum there should be a note that states that it is not in canonicalized form.

Below I have inserted what I believe to be the correct form.

Table 14 canonicalized:

<ds:Signature
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" >
<ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod><ds:Reference URI="#ID1"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="i" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"></ec:InclusiveNamespaces></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>ODE3NDkyNzI5</ds:DigestValue></ds:Reference></ds:SignedInfo>
  <ds:SignatureValue>ru5Ef76xGz5Y5IB2iAzDuMvR5Tg=</ds:SignatureValue>
  <ds:KeyInfo>
    <wsse:SecurityTokenReference>
      <wsse:KeyIdentifier>Dx42/9g=</wsse:KeyIdentifier>
    </wsse:SecurityTokenReference>
  </ds:KeyInfo>
</ds:Signature>

======================
Jay Treptow
jay@treptows.net
======================

Toby Nixon | Senior Standards Program Manager | Windows Device and Storage Technologies | Microsoft Corporation
toby.nixon@microsoft.com | www.microsoft.com | V: +1 425 706 2792 | M: +1 206 790 6377 | F: +1 425 708 4811
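
The point raised in the comment, shown as an added example that is not part of either message or of the specification: hashing a SignedInfo as printed with self-closing tags gives a different digest than hashing its canonical form. The sample SignedInfo is constructed from the element names and algorithm URIs in the message above, and the canonicalizer is Python's standard-library C14N 2.0 (an assumption standing in for the Exclusive C14N named in the signature; both expand empty elements into start/end tag pairs).

```python
import hashlib
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
EXC = "http://www.w3.org/2001/10/xml-exc-c14n#"

# Constructed sample: SignedInfo as a reader might copy it from an expanded,
# human-readable table, with empty elements written as self-closing tags.
# xmlns:ds is declared here (an assumption) so the fragment parses alone.
AS_PRINTED = (
    f'<ds:SignedInfo xmlns:ds="{DS}">'
    f'<ds:CanonicalizationMethod Algorithm="{EXC}"/>'
    f'<ds:SignatureMethod Algorithm="{DS}rsa-sha1"/>'
    f'<ds:Reference URI="#ID1">'
    f'<ds:Transforms><ds:Transform Algorithm="{EXC}"/></ds:Transforms>'
    f'<ds:DigestMethod Algorithm="{DS}sha1"/>'
    f'<ds:DigestValue>ODE3NDkyNzI5</ds:DigestValue>'
    f'</ds:Reference></ds:SignedInfo>'
)


def canonical_bytes(xml_text: str) -> bytes:
    """Octets a signer or verifier must hash: the canonical serialization."""
    # Stand-in canonicalizer: stdlib C14N 2.0, not Exclusive C14N 1.0.
    return ET.canonicalize(xml_text).encode("utf-8")


def compare(xml_text: str) -> dict:
    """Compare the text as printed with its canonical form."""
    raw = xml_text.encode("utf-8")
    canon = canonical_bytes(xml_text)
    return {
        "self_closing_in_raw": raw.count(b"/>"),
        "self_closing_in_canonical": canon.count(b"/>"),
        "bytes_equal": raw == canon,
        # SHA-1 only because the example in the message uses rsa-sha1.
        "raw_sha1": hashlib.sha1(raw).hexdigest(),
        "canonical_sha1": hashlib.sha1(canon).hexdigest(),
        # Canonicalizing already-canonical text must change nothing.
        "idempotent": canonical_bytes(canon.decode("utf-8")) == canon,
    }


if __name__ == "__main__":
    for key, value in compare(AS_PRINTED).items():
        print(f"{key}: {value}")
```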