[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [wss] Issues/Questions
Regarding issues on WS_Security Core, Draft 3, 3-Nov-02:
Is it really appropriate to endorse a claim via encryption? Perhaps line 209 in 3.1
should be changed to read: "that is digitally signed by the authority."
Editorial comment - the word "unendorse" can be misinterpreted as some sort of revocation.
I'd argue, remove it from line 208 ("A claim can be endorsed by a trusted authority.") and
then begin line 213 with "A claim may be trusted without explicit endorsement if there is ..."
Editorial - line 362 in 4.2, spell out "Post-Schema Validation InfoSet". I guess this last paragraph
says that for non-schema aware processors, support for wsu:Id is optional but recommended? Wouldn't it be
better to require support regardless of implementation?
< Frederick
---------------------------------------
Frederick Hirsch
Technology Architect
Nokia Mobile Phones
5 Wayside Rd., Burlington, MA 01803 USA
frederick.hirsch@nokia.com
+1 781-993-3735
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC