OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [wss] 3/23/04 Minutes

>SAML interop, Maneesh from Westbridge will send e-mail on questions 
> relative to the holder-of-key procedure.

I had the following questions regarding the examples listed for the
Sender-Vouches:Signed and Holder-of-key scenarios described in the
WD-04-WSS SAML Interop scenarios. 

1. Sender-Vouches:Signed
   Section 5.4.4, Page 25, Line #688

   The SignatureMethod in the detached signature is specified as
hmac-sha1 however the KeyInfo refers to an X509v3 certificate. Could
this be a typo?

2. Holder-of-Key
   Section 6.4.4, Page 34, Line #966
   I assume that the signature method in the detached signature is
hmac-sha1 if the KeyInfo specified in the SubjectConfirmation is a
secret key and rsa-sha1 if the KeyInfo specifies an rsa public key?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]