OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [ws-sx] Issue i147: Contradictory statements made for WSS10 MutualAuth Scenario

Issue i147

 

From: Aditya Athalye [mailto:aditya.athalye@oracle.com]
Sent: Friday, July 13, 2007 1:45 AM
To: ws-sx@lists.oasis-open.org
Cc: Marc Goodner
Subject: [ws-sx] New Issue: Contradictory statements made for WSS10 Mutual Auth Scenario

 

PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL
THE ISSUE IS ASSIGNED A NUMBER.  
The issues coordinators will notify the list when that has occurred.
 
Protocol:  ws-sp examples
 
http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/24579/ws-sp-usecases-examples-draft-15-01.doc
 
 
Artifact:  
 
examples
 
Type:
 
editorial
 
Title:
 
Contradictory statements made in WSS10 Mutual Auth Scenario
 
Description:
 
Lines 1531-32

"Line (M035) indicates the BinarySecurityToken on Line (M024) is included in the signature as required by the ProtectTokens
assertion of the AsymmetricBindingAssertion policy."

Lines 1533-34

"Note that the initiator’s BinarySecurityToken is not included in the message signature as it was not required by policy."

 
Related issues:
 
None
 
Proposed Resolution:
 
I think lines 1533-34 are not required as the token has to be covered by message signature as indicated by 1531-32
 
Thanks
Aditya Athalye
 
 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]