[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Proposed text on C14N
Hal My point, which I probably didn't make clear enough, is that the WS-Security spec. allows ways for an implementation to perform a signature which requires exclusive cononicalization, inclusive cononicalization or neither in order for the signature to be properly validated. While there are alternate means of signing, the spec does not give any guidance nor any warning. What I was suggesting was that we give some guidance or at least a warning as to when the proper cononicalization is appropriate. This is a pretty subtle subject where many people will be taken by surprise by an unexpected result. Don -----Original Message----- From: Hal Lockhart [mailto:hlockhar@bea.com] Sent: Wednesday, September 03, 2003 11:00 AM To: flinn@alum.mit.edu; merlin@baltimore.ie; Rich Salz Cc: wss@lists.oasis-open.org Subject: RE: [wss] Proposed text on C14N > The SAML token may contain its own digital signature. A signed SAML token > can then be placed in the SOAP header and the token signed. I think in this case it may be simpler and more foolproof to include only the issuer and assertion id under the second signature. Hal To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup.php .
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]