OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [wss] Comments on Sender-Vouches-Signed section in SAML Interopdraft


Thanks for pointing these problems out. It sometimnes is not clear to me 
whether you are
pointing out problems in the interop doc or the profile. I guess 
sometimes the problems
are in both places. Regarding the following, I will make the appropriate 
corrections to
the examples in the STP regarding the signature alg.

Regarding the use of the STR transform, it is only necessary with SV, as 
the attesting
entity only need sign the assertion when its key is not signed into the 
assertion. We
expect holder-of key assertions to contain an authority protected key 


Maneesh Sahu wrote:

> Hi,
> I have a few comments and need some clarifications on the example 
> provided with the sender-vouches:signed section:
> Page 25
> Line 688: Shouldnt the signature method be rsa-sha1 instead of hmac-sha1 ?
> Line 691: For sender-vouches, the STR-Transform may be a bit 
> redundant. It may be useful for holder-of-key where the assertions are 
> immutable and need to be referenced differently.
> Line 708: Shouldnt the reference URI be #attesterCert instead of 
> attesterCert ?
> Apologies if these issues have been tackled earlier...this is my first 
> day on the group.
> --ms
> Maneesh Sahu
> Westbridge Technology, Inc.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]