[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Security timestamp comment
Hi, In the WSS SOAP Message Security (Core) Working Draft 17 document, the committee spec version, section 10 Security Timestamps, line 1199-1202, it says: 1199 To preserve overall integrity of each <wsu:Timestamp> element, it is strongly RECOMMENDED 1200 that each SOAP role only create or update the appropriate <wsu:Timestamp> element destined 1201 to itself (that is, a <wsse:Security> header whose actor/role is itself) and no other 1202 <wsu:Timestamp> element. This sentence does not make sense since a SOAP role specifies the destination of a header and so it does not make sense to target a header to itself. This sentence is unnecessary and can be removed without changing the semantics of the surrounding text. -Edwin
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]