wss message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: New Issue: SecurityTokenReference/Reference/@ValueType Attribute
- From: Michael McIntosh <mikemci@us.ibm.com>
- To: <wss@lists.oasis-open.org>
- Date: Tue, 18 Nov 2003 09:15:49 -0500
Section 7.2 Direct References of Web
Services Security: SOAP Message Security Working Draft 17, Wednesday, 27
August 2003 states:
"/wsse:SecurityTokenReference/Reference/@ValueType
This
optional attribute specifies a QName that is used to identify the type
of token being referenced (see <wsse:BinarySecurityToken>). This
specification does not define any processing rules around the usage of
this attribute, however, specifications for individual token types MAY
define specific processing rules and semantics around the value of the
URI and how it SHALL be interpreted. If this attribute is not present,
the URI SHALL be processed as a normal URI. The usage of ValueType is RECOMMENDED
for local URIs."
Section 6.3.2 Encoding Binary Security
Tokens of Web Services Security: SOAP Message Security Working Draft 17,
Wednesday, 27 August 2003 states:
"/wsse:BinarySecurityToken/@ValueType
The
ValueType attribute is used to indicate the "value space" of
the encoded binary data (e.g. an X.509 certificate). The ValueType attribute
allows a qualified name that defines the value type and space of the encoded
binary data. This attribute is extensible using XML namespaces. Subsequent
specifications MUST define the ValueType value for the tokens that they
define. The usage of ValueType is RECOMMENDED."
The description of the SecurityTokenReference/Reference/@ValueType
attribute would have been more understandable if it hadn't referenced the
BinarySecurityToken. After reading that section, I am not sure I understand
how these attributes differ in purpose. It seems odd that usage of the
ValueType attribute would be recommended for both the wsse:BinarySecurityToken
and the wsse:SecurityTokenReference that points to it.
My understanding is that the description
of the SecurityTokenReference/Reference/@ValueType attribute is incorrect.
Thanks,
Mike
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]