[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue 54: [ Clarification on Signature Protection property and various SupportingTokens]
[Signature Protection] is about encrypting a ds:Signature element only applies to the primary signature. The reason for encrypting the primary signature is low-entropy signature targets. Supporting signatures do not have low-entropy signature targets. From Section 6.4; If the value is 'true', the primary signature MUST be encrypted and any signature confirmation elements MUST also be encrypted. [Token Protection] is about encrypting a security token ( e.g. saml:Assertion, wsse:BinarySecurityToken etc. ). Section 8.5 Interaction between [Token Protection] property and supporting token assertions discusses it's relationship with supporting token assertions. Gudge > -----Original Message----- > From: Marc Goodner [mailto:mgoodner@microsoft.com] > Sent: 31 March 2006 07:31 > To: K.Venugopal@Sun.COM; ws-sx@lists.oasis-open.org > Subject: [ws-sx] Issue 54: [ Clarification on Signature > Protection property and various SupportingTokens] > > Logged as Issue 54. > > > -----Original Message----- > From: K.Venugopal@Sun.COM [mailto:K.Venugopal@Sun.COM] > Sent: Friday, March 31, 2006 5:08 AM > To: ws-sx@lists.oasis-open.org > Cc: Marc Goodner > Subject: NEW Issue: [ Clarification on Signature Protection > property and > various SupportingTokens] > > PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL > THE ISSUE IS ASSIGNED A NUMBER. > The issues coordinators will notify the list when that has occurred. > > Protocol: ws-sp > > http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.ph p/17389/ws > -securitypolicy-1.2-spec-ed-01-r05.pdf > > Artifact: spec > > Type: design / editorial > > > Title: Clarification on Signature Protection property and various > SupportingTokens > > Description: > > How is SignatureProtection property(EncryptSignature > assertion ) and its > scope different from TokenProtection property ?. When > SignatureProtection property is true how should one treat Signature > elements belonging to SignedSupportingTokens/ > SignedEndorsingSupportingTokens/EndorsingSupportingTokens . > > > Related issues:None > > Proposed Resolution: None > > > Regards, > Venu > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]