
wss message


Subject: Groups - WSS-SAML-10.pdf uploaded

The document WSS-SAML-10.pdf has been submitted by ronald monzillo (ronald.monzillo@sun.com) to the OASIS Web Services Security TC document repository.

Document Description:
Draft for virtual interop 
Changes since previous draft:

1. Changed all instances of wsu:id to wsu:Id

2. In section beginning around line 705, removed the distinction of the “typical case where the assertion authority has NOT securely bound a key…” because we no longer expect sender-vouches to use a confirmation key.

3. Corrected STR transform URL to match change in core.

4. Removed from section 3.3.2 mention of use of KeyInfo with sender-vouches confirmation method.

5. Modified footnote in section 3.2 regarding usage attribute to reflect change from QNAMES to URIs.

6. Corrected signature algorithm in examples.

7. Corrected transforms syntax of example in section 3.3.3.

8. In section 3.3.3 recommended that STR dereference transform not be applied to embedded token references.

9. Removed requirement (from section 4.5 of Security Considerations) that assertion references be protected from unauthorized modification. 

10. Removed namespace qualification from ValueType, URI, EncodingType, and Usage Attributes (mostly in examples). Also removed angle brackets.

11. Reworded initial paragraph of section 2.2 Namespaces such that it is not normative, and affords more flexibility in the form of the examples. 

12. Removed namespace declarations from examples.

13. Corrected misspelling of “Authorty” in examples.

14. Modified processing rule for sender-vouches in Table of section 3.4 (to allow sender to vouch for itself).

15. Editing changes to the error codes section. In particular, replaced the word “generated” with “returned”, and rewrote the description of the mapping to 1.2 constructs.

16. Removed unused SAMLreqs and SAMLSecure from the references section.

17. Added footnote to explain optional support for SAML V1.0 assertions.

18. Removed section 3.3.4 “SAML Assertion referenced from SubjectConfirmation”, as SAML is evolving in a manner that will make it unlikely that authorities will need to produce such assertions. Moved the description of SAML Assertion references occurring within KeyInfo of SubjectConfirmation to section 3.3.2 “SAML assertion referenced from KeyInfo”.

19. From Section 3.3 “Identifying and referencing Security Tokens”, removed referencing a SAML assertion from KeyInfo of SubjectConfirmation from the five contexts in which SAML assertions may be referenced.

20. Moved description of SAML Assertion references occurring within KeyInfo of SubjectConfirmation to section 3.3.2.

21. Added footnote to description of holder-of-key semantics in section to describe interpretation of “held by the subject” phrase appearing in definition in [SAMLCore].

22. Updated contributors list.
