[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wss] Groups - WSS-SAML-11.pdf uploaded
Ron Monzillo wrote: > Dims, > > The sender-vouches example in 3.4.2.3 is perhaps a little more than it > seems. > > The example uses only SAML assertions, and thus there is > a holder-of-key assertion (referenced by STR 2) from keyInfo that is > being used to carry the key of the vouching sender. The sender-vouches > confirmed assertion is referenced from SignedInfo (by id = "#STR1") and > is being signed by the key in the holder-of-key assertion. > > The example could have used a keyIdentifier reference to an X509 cert > from > KeyInfo, but as I noted above, I was trying to show an all SAML example. > > If you think the example is not very helpful, I would be willing to > discuss > changing it I forgot to ask: Would it be sufficient if the paragraph preceding the example made these details clearer? Ron > > Ron > > Srinivas, Davanum M wrote: > >> Ron, >> >> Here's some feedback from my team --------------------- Feedback from >> Werner ------------------------- >> IMO there is a wrong example in the profile spec: >> chapter 3.4.2.3) contains a SAML Assertion which does not specifiy >> sender-vouches (holder-of-key instead). Seems to be a "copy-paste >> error"). Thus also the following references, KeyInfo etc. may be out of >> sync. >> --------------------- Feedback from Werner ------------------------- >> Thanks, >> dims >> >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]