OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: New Issue: SecurityTokenReference/Reference/@ValueType Attribute



Section 7.2 Direct References of Web Services Security: SOAP Message Security Working Draft 17, Wednesday, 27 August 2003 states:

"/wsse:SecurityTokenReference/Reference/@ValueType

        This optional attribute specifies a QName that is used to identify the type of token being referenced (see <wsse:BinarySecurityToken>). This specification does not define any processing rules around the usage of this attribute, however, specifications for individual token types MAY define specific processing rules and semantics around the value of the URI and how it SHALL be interpreted. If this attribute is not present, the URI SHALL be processed as a normal URI. The usage of ValueType is RECOMMENDED for local URIs."

Section 6.3.2 Encoding Binary Security Tokens of Web Services Security: SOAP Message Security Working Draft 17, Wednesday, 27 August 2003 states:

"/wsse:BinarySecurityToken/@ValueType
        The ValueType attribute is used to indicate the "value space" of the encoded binary data (e.g. an X.509 certificate). The ValueType attribute allows a qualified name that defines the value type and space of the encoded binary data. This attribute is extensible using XML namespaces. Subsequent specifications MUST define the ValueType value for the tokens that they define. The usage of ValueType is RECOMMENDED."

The description of the SecurityTokenReference/Reference/@ValueType attribute would have been more understandable if it hadn't referenced the BinarySecurityToken. After reading that section, I am not sure I understand how these attributes differ in purpose. It seems odd that usage of the ValueType attribute would be recommended for both the wsse:BinarySecurityToken and the wsse:SecurityTokenReference that points to it.

My understanding is that the description of the SecurityTokenReference/Reference/@ValueType attribute is incorrect.

Thanks,
Mike


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]