[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Further comments on WSS 1.1 SAML Token Profile
Here are some further comments on WSS 1.1 SAML Token Profile CD doc[1]. Gudge [1] http://www.oasis-open.org/committees/download.php/13405/wss-v1.1-spec-pr -SAMLTokenProfile-01.pdf 1. I don't see what lines 272-281 have to do with WSS. Actually, to be honest, I don't see what sections 3.2.2, 3.2.3, or 3.2.4 have to do with WSS. Why are they in this token profile? 2. Lines 378-389 don't seem to support refering to a SAML assertion from an EncryptedData block and Lines 554-556 explicitly rule out referring to SAML assertions from encrypted data blocks why is this? 3. Lines 564-568 seem to disallow refering to an STR in order to sign the STR itself, that is I can ONLY ever sign the referent, not the referee. Is this really the intent? Or is the text trying to say 'if you want to sign the assertion then make sure you use the STR Dereference transform'?
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]