OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [wss] [WSS] Questions on STR Transform

merlin wrote:

>As far as I understand it, in either case a _new_ BST will
>be used. X.509 certificates are always considered raw binary
>security tokens and encoded as per the X.509 profile.
>The XML replacement mode is only used for:
>  . Same-document URI reference
>  . Embedded (in which case child elements replace the STR
>    element; whitespace and comments are ignored)
>  . KeyIdentifier or other for an XML token type
>To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup.php.

Thanks for clarifying this.

I was wondering if the transform *should* be used
when the STR contains an embedded ST.

In that case, would there be any disadvantage to either,
digesting the STR without the additional transform,

I noticed that the spec has a malformed sentence at lines 994-995

"This element is used to wrap parameters for a transformation allows 
elements even from"
the XML Signature namespace. "

I propose that it be replaced with the following:

"This element is used to establish parameters of the transformation."

I have a related question, why as mandated by lines 1013-1020
MUST a canonicalizationMethod be specified within the STR transform.

"The transform takes a single mandatory parameter, a 
element, which is used to serialize the input node set."

Would it be sufficient to provide an ability to specify the method to be 
used during the
transform and to otherwise use the method defined by SignedInfo?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]