Subject: [wss] inconsistent token prepending "rules"
In section 9 of the core it states

954: "When a sender or an intermediary encrypts portion(s) of a SOAP message using XML Encryption they MUST prepend a sub-element to the <wsse:Security> header block."

This as a rule since it uses the word MUST.

In section 5 of the core it states:

419: As elements are added to the <wsse:Security> header block, they SHOULD be prepended to the existing elements. As such, the <wsse:Security> header block represents the signing and encryption steps the message sender took to create the message. This prepending rule ensures that the receiving application MAY process sub-elements in the order they appear in the

Despite the phrase "this prepending rule", this as a "prepending recommendation" due to the use of the word SHOULD. There is a similar recommendation in section 8.2.

My questions: is there a good reason why prepending is a rule in the case of encryption and a recommendation in the case of signature? Should they both be recommendations? Rules?

If the recommendation form is appropriate for the signature case, then we should refer to prepending in that context as a recommendation, not a rule.

The SAML profile defers to this stuff and related stuff (as "token inclusion rules"), thus the questions.

Ron
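Added illustration, not part of the original message or of the WSS specification: a small model of the ordering property the quoted line 419 text describes, showing what a receiver that processes <wsse:Security> sub-elements in document order sees when the encryption sub-element is prepended versus appended. The un-namespaced element names, the sample payload, and the stand-in "signature" (a SHA-256 digest) and "encryption" (string reversal) are assumptions chosen to keep the example self-contained.

```python
import hashlib
import xml.etree.ElementTree as ET

# Stand-ins (assumptions): a SHA-256 digest plays the role of the signature
# and string reversal plays the role of XML Encryption. Neither is real crypto.

def build(prepend_encryption):
    """Sender signs the body, then encrypts it, recording both in Security."""
    env = ET.Element("Envelope")
    sec = ET.SubElement(ET.SubElement(env, "Header"), "Security")
    body = ET.SubElement(env, "Body")
    body.text = "transfer 100"            # constructed sample payload
    # Step 1: sign the plaintext body and prepend the Signature element.
    sig = ET.Element("Signature")
    sig.text = hashlib.sha256(body.text.encode()).hexdigest()
    sec.insert(0, sig)
    # Step 2: encrypt the body and record it with a ReferenceList element.
    body.text = body.text[::-1]
    ref = ET.Element("ReferenceList")
    if prepend_encryption:
        sec.insert(0, ref)                # prepended, as section 9 requires
    else:
        sec.append(ref)                   # appended instead of prepended
    return env

def process_in_order(env):
    """Receiver that handles Security sub-elements strictly in document order."""
    body = env.find("Body")
    steps = []
    for el in env.find("Header/Security"):
        if el.tag == "ReferenceList":
            body.text = body.text[::-1]   # "decrypt" the body
            steps.append("decrypt")
        elif el.tag == "Signature":
            ok = hashlib.sha256(body.text.encode()).hexdigest() == el.text
            steps.append("verify:ok" if ok else "verify:FAIL")
    return steps

if __name__ == "__main__":
    print("prepended:", process_in_order(build(True)))
    print("appended: ", process_in_order(build(False)))
```

With the encryption sub-element prepended, in-order processing undoes the sender's steps in reverse; with it appended, the same receiver checks the signature against ciphertext and the check fails.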