[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wss] [WSS] Questions on STR Transform
merlin wrote: >As far as I understand it, in either case a _new_ BST will >be used. X.509 certificates are always considered raw binary >security tokens and encoded as per the X.509 profile. > >The XML replacement mode is only used for: > . Same-document URI reference > . Embedded (in which case child elements replace the STR > element; whitespace and comments are ignored) > . KeyIdentifier or other for an XML token type > >Merlin > >To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup.php. > > Merlin, Thanks for clarifying this. I was wondering if the transform *should* be used when the STR contains an embedded ST. In that case, would there be any disadvantage to either, digesting the STR without the additional transform, I noticed that the spec has a malformed sentence at lines 994-995 "This element is used to wrap parameters for a transformation allows elements even from" the XML Signature namespace. " I propose that it be replaced with the following: "This element is used to establish parameters of the transformation." I have a related question, why as mandated by lines 1013-1020 MUST a canonicalizationMethod be specified within the STR transform. "The transform takes a single mandatory parameter, a <ds:CanonicalizationMethod> element, which is used to serialize the input node set." Would it be sufficient to provide an ability to specify the method to be used during the transform and to otherwise use the method defined by SignedInfo? Ron
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]