OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: WS-SecurityPolicy signing of Timestamps for Transport bindings

I tried posting this via the web form, but it didn't make it.  Trying this 

Name: Gary McAfee
Title: Software Engineer
Organization: IBM
Regarding Specification: WS-SecurityPolicy v1.2
Editors Draft 01, 27 April 2006

I noticed what appears to be a slight inconsistency. 

In section 8.4 this text regarding SignedEndorsingSupportingTokens 
appears: "If transport security is used, the token (Tok2) is included in 
the Security header and the 
signature (Sig2) should cover the message timestamp as illustrated below:"

However, when looking at C.1.2 Initiator to Recipient Messages, which is 
an example using a Transport binding, the following text appears:
"Any tokens contained in the [Signed Endorsing Supporting Tokens] property 
followed by the corresponding signature. Each signature MUST cover the
wsu:Timestamp element from 1 above..."

Notice how the first section uses "should" while the 2nd section uses 
"MUST".  A similiar issue occurs for EndorsingSupportingTokesn.  Hopefully 
I'm not interpreting these sections incorrectly or reading too much into 

Hope this helps,

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]