[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss-comment] Further comments on WSS 1.1 SAML Token Profile
] > 3. Lines 564-568 seem to disallow refering to an STR in order to ] > sign the STR itself, that is I can ONLY ever sign the referent, not the ] > referee. Is this really the intent? Or is the text trying to say 'if you ] > want to sign the assertion then make sure you use the STR Dereference ] > transform'? ] > ] ] no and yes. ] I will clarify this. In keeping with "if you want to sign the assertion then make sure you use the STR Dereference transform", will that clarification include a change to line 568 to clarify that it is perfectly okay to use the STR Dereference transform for an embedded reference if you don't want to sign the reference and just want to sign the token? If this can be done as one issue, that is okay with me. If we think it is better to track it as a separate issue, we can use this e-mail to open that second issue.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]