OASIS Mailing List Archives

wss message

Subject: Re: [wss] Comments on WSS-Core-01


Hal,

I also found lines 733-735 to be a bit difficult to understand, and I welcomed
Prateek's request to have their meaning clarified. That said, my guess was that
the cited lines were intended to mean something like the following:

The validation of an XML signature that uses a SecurityTokenReference to 
identify the key used to create the signature, justifies the application 
(by the relying party/receiver) of any other claims made within the 
referenced token (most notably the identity bound to the key) to the 
signature author (that is, if the relying party trusts the authority 
responsible for the claims in the referenced token).

I read the use of a SecurityTokenReference as being consistent with the 
recommendation that it be used in lieu of KeyInfo.

I see your point about making sure it is clear how the claims in the token
should be applied (to the msg author) by the relying party. To that extent,
I can see how 1 and 2 of your list should be inferred. It is less clear to me
that the types of inferences/semantics you describe in 3 or 4 need be specified,
as doing so would likely require the standardization of claims and their
associated semantics.

Ron

Hal Lockhart wrote:

> Yes, I agree. I noticed the asymmetry when I first looked at the 
> section, but it slipped my mind when I wrote my reply.
>  
> Hal
>
>     -----Original Message-----
>     From: Mishra, Prateek [mailto:pmishra@netegrity.com]
>     Sent: Wednesday, October 02, 2002 11:44 AM
>     To: 'Hal Lockhart'; Mishra, Prateek; wss@lists.oasis-open.org
>     Subject: RE: [wss] Comments on WSS-Core-01
>
>
>     [Prateek Mishra] 
>      
>     Hal,
>      
>     thanks for your clarification, which appears quite reasonable to me.
>     However, notice that the original text refers only to
>     <wsse:SecurityTokenReference> elements combined with signatures.
>     Your clarification explains the more general case of combining
>     tokens of one sort or the other with signatures in the
>     <wss:Security> header. We should either generalize lines 733-735
>     or explain why combining <wsse:SecurityTokenReference>
>     with signatures has some additional special meaning.
>      
>      
>     > (4) lines 733 - 735: I could not follow the point made here at all.
>
>         To make this easier to follow, the lines in question are:
>
>         ----
>         733 When an XML Signature is used in conjunction with the
>         <wsse:SecurityTokenReference>
>         734 element, the security token of a message signer may be
>         correlated and a mapping made
>         735 between the claims of the security token and the message
>         as evaluated by the application.
>         ----
>
>         I believe the intention is that if the application receiving
>         the message trusts the token, it is allowed to associate
>         the claims in the token with the party that originated the
>         signed message. However, the specific semantics applied depend
>         implicitly on both the nature of the claims and the specific
>         application (and hence the contents of the message). They are
>         not explicitly indicated by the contents of the security header.
>
>         Common cases would be:
>
>         1. The message is some type of request and the claims describe
>         the party making the request.
>
>         2. The information in the message is asserted to be correct by
>         the party described by the claims.
>
>         3. The party described by the claims agrees to the contractual
>         terms represented in the message.
>
>         4. The claims describe the policy for any use or distribution
>         of the information in the message.
>
>         However, these are surely not exhaustive.
>
>         Hal
>
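The correlation step the thread is circling around (a signature whose KeyInfo holds a SecurityTokenReference, the referenced token resolved from the same Security header, and the token's claims then bound to the signer only if the signature verifies and the relying party trusts the token's issuer) is easy to state in code. The following is an added example, not code from the thread or from the WSS TC. It assumes the namespace URIs of the later OASIS WSS 1.0 standard, a constructed `demo:Token` vocabulary standing in for a real token profile, and a caller-supplied `verify_signature` callback that performs the actual XML-DSig check, which this example does not implement.

```python
import xml.etree.ElementTree as ET

# Namespace URIs of the later OASIS WSS 1.0 standard (assumed for this example);
# "demo" is a constructed token vocabulary, not a real WSS token profile.
NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "demo": "urn:example:demo-token",
}


def build_sample(ref_uri="#token-1"):
    """Constructed SOAP message for the example (not taken from the thread).

    The Security header carries one token and one signature whose KeyInfo
    points at that token through a SecurityTokenReference."""
    return f"""<soap:Envelope xmlns:soap="{NS['soap']}">
  <soap:Header>
    <wsse:Security xmlns:wsse="{NS['wsse']}" xmlns:wsu="{NS['wsu']}"
                   xmlns:ds="{NS['ds']}" xmlns:demo="{NS['demo']}">
      <demo:Token wsu:Id="token-1">
        <demo:Issuer>urn:example:issuer</demo:Issuer>
        <demo:Claim name="subject">alice</demo:Claim>
        <demo:Claim name="role">purchaser</demo:Claim>
      </demo:Token>
      <ds:Signature>
        <ds:SignedInfo/>
        <ds:SignatureValue>c2lnbmF0dXJlLWJ5dGVz</ds:SignatureValue>
        <ds:KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:Reference URI="{ref_uri}"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>
  </soap:Header>
  <soap:Body><demo:PurchaseOrder xmlns:demo="{NS['demo']}">widget x3</demo:PurchaseOrder></soap:Body>
</soap:Envelope>"""


def resolve_security_token_reference(security, str_elem):
    """Return the token element a SecurityTokenReference points at, or None.

    Only the wsse:Reference/@URI same-document form is handled, and the
    lookup is deliberately restricted to the Security header so that an
    element elsewhere in the message cannot be substituted for the token."""
    ref = str_elem.find("wsse:Reference", NS)
    if ref is None:
        return None
    uri = ref.get("URI", "")
    if not uri.startswith("#"):
        return None  # external references are not resolved against this message
    wanted = uri[1:]
    id_attr = f"{{{NS['wsu']}}}Id"
    for el in security.iter():
        if el.get(id_attr) == wanted:
            return el
    return None


def bind_claims_to_signer(envelope_xml, verify_signature, trusted_issuers):
    """Map the referenced token's claims onto the message signer.

    Returns (status, claims). Claims are non-empty only when the reference
    resolves, verify_signature(signature, token) reports success, and the
    token's issuer is in trusted_issuers (Ron's "if the relying party trusts
    the authority responsible for the claims")."""
    root = ET.fromstring(envelope_xml)
    security = root.find("soap:Header/wsse:Security", NS)
    if security is None:
        return ("no-security-header", {})
    signature = security.find("ds:Signature", NS)
    if signature is None:
        return ("no-signature", {})
    str_elem = signature.find("ds:KeyInfo/wsse:SecurityTokenReference", NS)
    if str_elem is None:
        return ("no-str", {})  # KeyInfo without an STR: nothing to correlate
    token = resolve_security_token_reference(security, str_elem)
    if token is None:
        return ("dangling-reference", {})
    # The key comes from the token, so the token must be resolved before the
    # signature can be checked; the check itself is delegated to the caller.
    if not verify_signature(signature, token):
        return ("signature-invalid", {})
    issuer = token.findtext("demo:Issuer", default="", namespaces=NS)
    if issuer not in trusted_issuers:
        return ("untrusted-issuer", {})
    claims = {c.get("name"): (c.text or "").strip()
              for c in token.findall("demo:Claim", NS)}
    return ("ok", claims)


if __name__ == "__main__":
    # Stand-in verifier for the demo; a real deployment performs XML-DSig here.
    print(bind_claims_to_signer(build_sample(), lambda sig, tok: True, {"urn:example:issuer"}))
```

Two caveats follow from the thread's discussion. First, the function only binds the claims to the signer; what that binding means for the message (cases 1 and 2 in Hal's list, or 3 and 4) is left to the application, exactly as the quoted lines 733-735 say. Second, for the binding to be sound the referenced token should itself be covered by a ds:Reference in SignedInfo, otherwise an intermediary could swap the token while leaving the signature intact; checking that is part of the signature verification the example delegates.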