wss message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [wss] Re: [wsi_secprofile] Format of wsse:Embedded
- From: Jerry Schwarz <jerry.schwarz@oracle.com>
- To: Anthony Nadalin <drsecure@us.ibm.com>, "wss@lists.oasis-open.org" <wss@lists.oasis-open.org>
- Date: Sun, 07 Dec 2003 19:42:49 -0800
At 08:56 PM 12/6/2003, Anthony Nadalin wrote:
> It would be helpful if we knew
whether this ambiguity was intentional or
whether the WSS TC intends to constrain in some way the format of
the
wsse:Embedded element.
Any token format is valid and I don't think that there is any
ambiguity
its just an in-lined token
But this doesn't really answer the question which I repeat here for
convenience.
- It is unclear what is expected to be contained in this
element. In the case
- of an X.509 certificate, it could be the base64 encoded certificate
as child
- text, or it could be a wsse:BinarySecurityToken containing the
certificate.
The only definition of "token" we have is
- Security Token
– A security token
represents a collection (one or more) of claims.
Taken literally this would suggest that the first option "child
text" is allowed, but I don't think this was intended.
Anthony Nadalin | work 512.436.9568
| cell 512.289.4122
To unsubscribe from this mailing list (and be removed from the roster of
the OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup.php.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]