[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] XrML: Multiple Grants
I think it is your last proposal ("there [being] only one keyHolder
principal across those grants") that we should go with.
Assuming this is okay, I can go ahead and make the edits today. I also
have to update the URIs in the document and can upload both edits at
once.
&Thomas.
-----Original Message-----
From: Vijay Gajjala [mailto:vijayg@microsoft.com]
Sent: Wednesday, April 28, 2004 12:45 PM
To: wss@lists.oasis-open.org
Subject: [wss] XrML: Multiple Grants
Greetings,
The XrML token profile spec referes to a scenario where a license
contains a grant with a KeyHolder principal identifying a key which is
used to sign the message. The KeyInfo element in the signature contains
a SecurityTokenReference to the license containing the grant in
question.
However, the spec does not state that only one grant with a keyHolder
principal may be present in the license, nor does it seem to provide any
mechanism for identifying which grant contains the key data to verify
the signature (in the case where there are multiple grants with
KeyHolder principals present in the license).
Can we assume that only one grant with a keyHolder principal is allowed
in a license? Should we assume that there some mechanism for identifing
a particular grant within a license? Or, if there are multiple grants,
can we assume that there is only one keyHolder principal across those
grants?
Thanks
Vijay
To unsubscribe from this mailing list (and be removed from the roster of
the OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup
.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]