[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: ISSUE i170: Update XML Signature references to refer to XML Signature, Second Edition, update c14n reference in ws-trust
In addition to the changes proposed with the issue below , we may also need the following additional changes to WS-SecurityPolicy 1.2 1) in Section 6.1, [Algorithm Suite] Property [1] Add algorithm abbreviation and URI for C14N11 as follows: C14N11 http://www.w3.org/2006/12/xml-c14n11 2) Update section 7.1 AlgorithmSuite Assertion 2a) In Syntax box, after <sp:InclusiveC14N ... /> ? add <sp:InclusiveC14N11 ... /> ? 2b) Add after /sp:AlgorithmSuite/wsp:Policy/sp:InclusiveC14N the following: /sp:AlgorithmSuite/wsp:Policy/sp:InclusiveC14N11 This optional element is a policy assertion that indicates that the [C14N] property of an algorithm suite is set to 'C14N11'. Note: as indicated in Section 6.1 the default value of the [C14N] property is 'ExcC14N'. 3) Shouldn't the abbreviations for C14n and ExC14n be C14N and ExC14N to correspond to the values noted in section 7.1? 4) As discussed on the call, we may wish to modify the proposal to add references to XML Signature (Second Edition) and Canonical XML 1.1 instead of replacing the original references. I do not believe any other changes are required to accommodate XML Signature (Second Edition) since the namespace has not changed. regards, Frederick Frederick Hirsch Nokia [1] http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws- securitypolicy-1.2-spec-os.html#_Toc161826547 On Aug 27, 2008, at 12:20 PM, ext Greg Carpenter wrote: > Issue i170 > > -----Original Message----- > From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com] > Sent: Tuesday, August 26, 2008 5:38 PM > To: Frederick Hirsch > Cc: OASIS WS-SX > Subject: [ws-sx] Re: NEW ISSUE: Update XML Signature references to > refer to XML Signature, Second Edition, update c14n reference in ws- > trust > > replace "SAML" with "WS-SX" in description. > > regards, Frederick > > Frederick Hirsch > Nokia > > > > On Aug 26, 2008, at 5:28 PM, Frederick Hirsch wrote: > >> PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD >> UNTIL THE ISSUE IS ASSIGNED A NUMBER. >> >> The issues coordinators will notify the list when that has occurred. >> >> Protocol: ws-trust, ws-sc, ws-sp >> >> http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf >> >> http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/ws- >> secureconversation-1.3-os.pdf >> >> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws- >> securitypolicy-1.2-spec-os.pdf >> >> Artifact: spec >> >> Type: editorial >> >> Title: Update XML Signature references to refer to XML Signature, >> Second Edition; update XML canonicalization reference to Canonical >> XML 1.1 >> >> Description: >> >> The Second Edition of XML Signature [1] is not a new version of XML >> Signature and does not change the namespace for XML Signature, nor >> does it introduce breaking changes. For this reason I believe we >> should be able to update all WS-SX references to refer to it. >> >> This edition of XML Signature does incorporate errata, update RFC >> references, clarify text and introduce the new Canonical XML >> Version 1.1 algorithm [2] as a required algorithm. Since uses of >> XML Signature may specify the algorithms used, SAML instances may >> continue to specify Canonical XML 1.0, though it would be >> preferable if Canonical XML 1.1 support were introduced and used. >> >> Canonical XML 1.1 addresses issues related to inheritance of >> attributes in the XML namespace when canonicalizing document >> subsets, including the requirement not to inherit xml:id, and to >> treat xml:base URI path processing properly. >> >> A summary of changes in XML Signature Second Edition is available >> at [3], and a redline at [4]. >> >> [1] http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/ >> >> [2] http://www.w3.org/TR/xml-c14n11/ >> >> [3] http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/explain >> >> [4] http://www.w3.org/2008/xmlsec/xmlsec-redline.html >> >> >> Related issues: none >> >> >> Proposed Resolution: >> >> Add errata for WS-Trust 1.3 Section 1.6 lines 189-191; WS- >> SecureConversation 1.3 Section 1.6 lines 161-163; and WS- >> SecurityPolicy 1.2 Section 1.5 lines 252-254 to replace a >> reference to XML Signature with the updated XML Signature, Second >> Edition reference, as follows >> >> Original text: >> [XML-Signature] W3C Recommendation, "XML-Signature Syntax and >> Processing", 12 February 2002. >> http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/ >> >> New text: >> [XML-Signature] W3C Recommendation, D. Eastlake et al. XML >> Signature Syntax and Processing (Second Edition). 10 June 2008. >> http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/ >> >> In addition, add errata for WS-Trust 1.3 Section 1.6 lines 178-179; >> >> Original text: >> [XML-C14N] W3C Recommendation, "Canonical XML Version 1.0", 15 >> March 2001. http://www.w3.org/TR/2001/REC-xml-c14n-20010315 >> >> New text: >> [XML-C14N] W3C Recommendation, "Canonical XML Version 1.1", 2 May >> 2008. hhttp://www.w3.org/TR/2008/REC-xml-c14n11-20080502/ >> >> regards, Frederick >> >> Frederick Hirsch >> Nokia >> >> >> >> >> >> > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]