[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: NEW Issue: Use of ds:KeyInfo in fed:TokenSigningKeyInfo Element
PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON
THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has
occurred. Protocol: wsfed ws-federation-1.2-spec-ed-01.doc: http://www.oasis-open.org/apps/org/workgroup/wsfed/download.php/24422/ws-federation-1.2-spec-ed-01.doc
Artifact: spec Type: design Title: Use of ds:KeyInfo in fed:TokenSigningKeyInfo Element Description: The sentence beginning at line 927 states: “Any
top-level element legally allowed as a child of the ds:KeyInfo element (as per
[XML-Signature]) can appear as a child of the
<wsse:SecurityTokenReference> element.” The ds:KeyInfo element itself is can appear as a child of
the <wsse:SecurityTokenReference> element. There is no need for the
explicitly call out the top-level child elements of ds:KeyInfo. Related issues: None Proposed Resolution: Line 927-928: Remove the sentence “Any top-level
element legally allowed as a child of the ds:KeyInfo element (as per
[XML-Signature]) can appear as a child of the
<wsse:SecurityTokenReference> element.” Line 931: Change “For example, the token signing key
can be carried inside an X.509 certificate and specified as follows” to
“For example, the token signing key can be carried inside an X.509
certificate and specified using the ds:KeyInfo element (as per [XMLDSIG]) as
follows” Line 933: Insert <ds:keyInfo> immediately after the
existing <wsse:SecurityTokenReference> element in the example. Line 946: Insert </ds:keyInfo> immediately before the
existing <wsse:SecurityTokenReference> element in the example |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]