OASIS Mailing List Archives

wss message



Subject: Re: [wss] Comments on Sender-Vouches-Signed section in SAML Interop draft


Maneesh,

Thanks for pointing these problems out. It sometimes is not clear to me whether you are pointing out problems in the interop doc or the profile. I guess sometimes the problems are in both places. Regarding the following, I will make the appropriate corrections to the examples in the STP regarding the signature alg.

Regarding the use of the STR transform, it is only necessary with SV, as the attesting entity only need sign the assertion when its key is not signed into the assertion. We expect holder-of-key assertions to contain an authority protected key binding.

Ron

Maneesh Sahu wrote:

> Hi,
>  
> I have a few comments and need some clarifications on the example 
> provided with the sender-vouches:signed section:
>  
> Page 25
>  
> Line 688: Shouldn't the signature method be rsa-sha1 instead of hmac-sha1?
> Line 691: For sender-vouches, the STR-Transform may be a bit 
> redundant. It may be useful for holder-of-key where the assertions are 
> immutable and need to be referenced differently.
> Line 708: Shouldn't the reference URI be #attesterCert instead of 
> attesterCert?
>  
> Apologies if these issues have been tackled earlier...this is my first 
> day on the group.
>  
> --ms
> Maneesh Sahu
> Westbridge Technology, Inc.
>  
>  
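The two example defects raised for lines 688 and 708 can be checked mechanically. The following is an added example, not part of the thread or of the interop draft: a small linter run over a constructed security header. The function names, finding labels and sample header are hypothetical, and the WSS 1.0 namespace URIs are an assumption (the drafts discussed here may use earlier ones).

```python
import xml.etree.ElementTree as ET  # constructed input only; use defusedxml for untrusted XML

DS = "http://www.w3.org/2000/09/xmldsig#"
# Assumption: WSS 1.0 namespace URIs; the drafts under discussion may use earlier ones.
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
NS = {"ds": DS, "wsse": WSSE}
WSU_ID = "{%s}Id" % WSU
BST = "{%s}BinarySecurityToken" % WSSE


def sample_header(sig_alg, key_uri):
    """Constructed sender-vouches style header; certificate bytes are elided."""
    return f"""<wsse:Security xmlns:wsse="{WSSE}" xmlns:ds="{DS}" xmlns:wsu="{WSU}">
  <wsse:BinarySecurityToken wsu:Id="attesterCert">...</wsse:BinarySecurityToken>
  <ds:Signature>
    <ds:SignedInfo>
      <ds:SignatureMethod Algorithm="{DS}{sig_alg}"/>
    </ds:SignedInfo>
    <ds:KeyInfo>
      <wsse:SecurityTokenReference>
        <wsse:Reference URI="{key_uri}"/>
      </wsse:SecurityTokenReference>
    </ds:KeyInfo>
  </ds:Signature>
</wsse:Security>"""


def lint_signature(xml_text):
    """Return finding labels for each ds:Signature in the header."""
    root = ET.fromstring(xml_text)
    # Map every wsu:Id in the message to the tag of the element that carries it.
    tokens = {el.get(WSU_ID): el.tag for el in root.iter() if el.get(WSU_ID)}
    findings = []
    for sig in root.iterfind(".//ds:Signature", NS):
        method = sig.find("ds:SignedInfo/ds:SignatureMethod", NS)
        alg = method.get("Algorithm", "") if method is not None else ""
        path = "ds:KeyInfo/wsse:SecurityTokenReference/wsse:Reference"
        for ref in sig.iterfind(path, NS):
            uri = ref.get("URI", "")
            # A same-document reference is a fragment, "#id"; a bare id is a relative URI.
            if not uri.startswith("#") and uri in tokens:
                findings.append("bare-id-reference")
            # hmac-sha1 is a shared-secret MAC and cannot be verified with a certificate.
            if tokens.get(uri.lstrip("#")) == BST and alg == DS + "hmac-sha1":
                findings.append("hmac-with-certificate")
    return findings
```
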



