[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [wss] Issue with Core Draft 3: When to use STRs, Direct References,or Key Identifiers
Sections 7.1 (beginning at line 617 of Draft 3 of the core) through 7.3 define the Security Token Reference Element, Direct References and Key Identifiers. I find the use of these varying forms of references confusing. Perhaps Direct References and Key Identifiers are the 2 forms of STRs, but it looks like there is also a n elemental form of STR that is neither a direct reference or a key identifier. The example beginning at line 637, seems to contain a "direct reference" (in the section on STRs), which makes the distinction between STR's and direct references difficult (for me) to understand. The example in section 3.4 (line 278) seems to have been set up to do a reference by wsu:id attribute value, although the reference is done by URI where the value of the URI is the attribute value. Is this the prefered use model? or would we expect a simple STR with a wsu:id value as apposed to a Direct reference/URI to be used? The description of key identifiers seems to imply that Direct references are the prefered form of reference, and where they cannot be used a key identifier is recommended. I find this all very confusing. My intuition tells me that we need different ways to reference tokens based on whether the token is in the msg or not, at the relying party or not; but I don't see how any such distinctions relate to the use of the various reference forms defined by the document
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC