

Subject: proposed resolution to issue 290


My rev 13 of the stp assumes the following resolution to issue 290

Ron
-------- Original Message --------
Subject: 	Re: encoding type of keyIdentifiers Issue 290 (proposa
Date: 	Wed, 30 Jun 2004 17:55:54 -0400
From: 	Ron Monzillo <ronald.monzillo@sun.com>
To: 	ckaler <ckaler@microsoft.com>, drsecure@us.ibm.com, Michael McIntosh <mikemci@us.ibm.com>



Please let me know if you accept the following.
-----------------
I believe we agreed that the resolution to this issue should be a change
to core such that it allows token specific profiles to define KeyIdentifier
encoding types when other than Base64Binary is appropriate.

We considered a few alternatives, including one where any encoding except
Base64Binary would need to be declared. A comment was also made that
ValueType should be sufficient to convey EncodingType when the ValueType
is expected to be conveyed using a single EncodingType. I propose that core
be changed as follows. This will preserve existing KeyIdentifier forms, while
freeing new valueTypes to employ a ValueType specific encoding.

The core spec currently says the following

757: /wsse:SecurityTokenReference/wsse:KeyIdentifier/@EncodingType
758: The optional EncodingType attribute is used to indicate, using a URI, the encoding
759: format of the KeyIdentifier (#Base64Binary). The base values defined in this
760: specification are used (Note that URI fragments are relative to this document's URI):

change it to read:

757: /wsse:SecurityTokenReference/wsse:KeyIdentifier/@EncodingType
758: The optional EncodingType attribute is used to indicate, using a URI, the encoding
759: format of the KeyIdentifier value. This specification defines the
EncodingType URI values appearing in the following table. A token specific
profile MAY define additional token specific EncodingType URI values.
A KeyIdentifier MUST include an EncodingType attribute when its ValueType
is not sufficient to identify its encoding type and its encoding
type is other than the default identified in the following table.
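
Added example, not part of the original message or of any OASIS text: a receiver-side sketch of the proposed rule, where an explicit EncodingType is used when present, otherwise the encoding implied by the ValueType, otherwise the Base64Binary default. The two `urn:example:` URIs and the `VALUETYPE_ENCODING` table are hypothetical stand-ins for what a token profile would define, the namespace and Base64Binary URIs are taken from the published WSS 1.0 schema rather than from this message, and rejecting a contradictory EncodingType is this example's own policy.

```python
import base64
import xml.etree.ElementTree as ET

# Published WSS 1.0 URIs (assumed here; the message only writes "#Base64Binary").
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
BASE64 = ("http://docs.oasis-open.org/wss/2004/01/"
          "oasis-200401-wss-soap-message-security-1.0#Base64Binary")
# Hypothetical profile-defined values, constructed for this example.
TEXT = "urn:example:profile#Text"
VALUETYPE_ENCODING = {"urn:example:profile#AssertionID": TEXT}

DECODERS = {
    BASE64: lambda s: base64.b64decode(s, validate=True),  # strict: no stray chars
    TEXT: lambda s: s.encode("utf-8"),
}

def resolve_encoding(key_id):
    """Return the encoding URI that governs a wsse:KeyIdentifier element."""
    explicit = key_id.get("EncodingType")
    implied = VALUETYPE_ENCODING.get(key_id.get("ValueType"))
    if explicit is not None:
        if explicit not in DECODERS:
            raise ValueError(f"unsupported EncodingType {explicit!r}")
        # Example policy (not stated in the proposal): refuse an EncodingType
        # that disagrees with the encoding the ValueType already fixes.
        if implied is not None and explicit != implied:
            raise ValueError("EncodingType contradicts ValueType")
        return explicit
    # No attribute: the ValueType decides if it can, else the default applies.
    return implied or BASE64

def key_identifier_bytes(xml_text):
    """Parse a SecurityTokenReference and return (encoding URI, raw key id)."""
    root = ET.fromstring(xml_text)
    key_id = next(root.iter(f"{{{WSSE}}}KeyIdentifier"), None)
    if key_id is None:
        raise ValueError("no wsse:KeyIdentifier found")
    encoding = resolve_encoding(key_id)
    return encoding, DECODERS[encoding]((key_id.text or "").strip())

# Constructed sample: a ValueType that alone identifies a non-Base64 encoding.
SAMPLE = f"""<wsse:SecurityTokenReference xmlns:wsse="{WSSE}">
  <wsse:KeyIdentifier ValueType="urn:example:profile#AssertionID">_a75adf55-01d7</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>"""

if __name__ == "__main__":
    print(key_identifier_bytes(SAMPLE))
```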
