OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: AW: [ws-sx] Issue 25: Chap. 6.5 [Token protection] conflicts with chapter 8.3 and 8.4.

Can we put this clarification into the spec? I would
propose to insert it somewhere at the beginning of
chap 8 as something like "How [Token Protection] interacts with
supporting tokens"

Regards,
Werner 

> -----Ursprüngliche Nachricht-----
> Von: Martin Gudgin [mailto:mgudgin@microsoft.com] 
> Gesendet: Mittwoch, 15. Februar 2006 00:30
> An: Marc Goodner; Dittmann, Werner; ws-sx@lists.oasis-open.org
> Betreff: RE: [ws-sx] Issue 25: Chap. 6.5 [Token protection] 
> conflicts with chapter 8.3 and 8.4.
> 
> Comments inline
> 
> Cheers
> 
> Gudge 
> 
> > -----Original Message-----
> > From: Marc Goodner [mailto:mgoodner@microsoft.com] 
> > Sent: 09 February 2006 20:40
> > To: Dittmann, Werner; ws-sx@lists.oasis-open.org
> > Subject: [ws-sx] Issue 25: Chap. 6.5 [Token protection] 
> > conflicts with chapter 8.3 and 8.4.
> > 
> > This is now logged as issue 25.
> > 
> > Marc Goodner
> > Technical Diplomat
> > Microsoft Corporation
> > Tel: (425) 703-1903
> > Blog: http://spaces.msn.com/mrgoodner/ 
> > 
> > 
> > -----Original Message-----
> > From: Dittmann, Werner [mailto:werner.dittmann@siemens.com] 
> > Sent: Thursday, February 09, 2006 12:06 AM
> > To: ws-sx@lists.oasis-open.org
> > Cc: Marc Goodner
> > Subject: [ws-sx] NEW Issue: Chap. 6.5 [Token protection] 
> > conflicts with
> > chapter 8.3 and 8.4.
> > 
> > PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON 
> THREAD UNTIL
> > THE ISSUE IS ASSIGNED A NUMBER.
> > 
> > The issues coordinators will notify the list when that has occurred.
> > 
> > Protocol:  ws-sp
> > ws-securitypolicy-1.2-spec-ed-01-r03-diff.pdf
> > 
> > Artifact:  spec
> > 
> > Type: design
> > 
> > Title: Chap. 6.5 [Token protection] conflicts with chapter 
> > 8.3 and 8.4.
> > 
> > Description:
> > 
> > If the policy uses EndorsingSupportingTokens _and_ sets [Token
> > Protection] then I have the same behaviour as defined for
> > SignedEndorsingSupportingTokens. Is that true? 
> > 
> > On the other hand if I use SignedEndorsingSupportingTokens and do
> > _not_ set [Token Protection] - what should be the result in 
> that case?
> 
> [MJG]
> I think the two things are different;
> 
> If [Token Protection] is true, then each signature covers the 
> token that
> generated it. So the main signature ( the one over the message headers
> and body ) covers the main token (e.g. [Protection Token] in 
> a symmetric
> binding). Endorsing signatures cover the endorsing token.
> 
> For a Signed*SupportingToken the supporting token is covered by the
> *main* message signature.
> 
> If you have a SignedEndorsingSupportingToken *and* [Token 
> Protection] is
> set to 'true' then the supporting token is signed twice, once by the
> main signature and once by the endorsing signature.
> 
> > 
> > Related issues:
> > 
> > 
> > Proposed Resolution:
> > Clarify behaviour of these interdependencies.
> > 
> > 
> > Werner Dittmann
> > Siemens COM MN CC BD TO
> > mailto:Werner.Dittmann@siemens.com
> > Tel:   +49(0)89 636 50265
> > Mobil: +49(0)172 85 85 245
> > 
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]