[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] proposal for issue 250: add optional TokenType
Per our action from the last call, Ron and I discussed offline to see if there was a proposal we could reach consensus on for the next call. We decided to put two options forward for the TC to consider. Option 1: Close Issue 250 with no action. Option 2: Close Issue 250 according to Ron's email (http://lists.oasis-open.org/archives/wss/200501/msg00020.html). We think that each member of the TC needs to weigh the advantages of having 1.1 more closely resembling 1.0 (Option 1) against the advantages of having all 1.1 token referencing forms more closely resembling each other (Option 2). Once each member has determined which set of advantages are most important to them, the TC can have a vote at the Feb 8th call to determine which set of advantages are most important to the TC. &Thomas. ] >] >From: Ron Monzillo [mailto:Ronald.Monzillo@Sun.COM] ] >] >Sent: Wed 1/12/2005 9:23 AM ] >] >To: wss@lists.oasis-open.org ] >] >Subject: Re: [wss] proposal for issue 250: add optional TokenType ] >] > ] >] > ] >] > ] >] >Updated as we discussed in yesterday's meeting. ] >] > ] >] >The propoal is to make the following changes in 1.1 core. The changes ] >] >are described in the context of the draft of 1.1 core dated Dec. 13, ] >and ] >] >available at: ] >] > ] >] >http://www.oasis- ] >] ] >open.org/apps/org/workgroup/wss/download.php/10649/oasis-2004xx-wss-soa p ] >- ] >] message-security-1.1-changes.pdf ] >] > ] >] >Ron ] >] > ] >] >------ ] >] > ] >] >1. Add the following definition of the TokenType attribute (at ] >] >approximately line 689) of the definition of the STR element ] >] > ] >] >/wsse:SecurityTokenReference/@wsse:TokenType ] >] > ] >] >This optional attribute is used to identify, by URI, the type of the ] >] >referenced token. ] >] > ] >] >This specification recommends that token specific profiles define ] >] >appropriate token type identifying URI values, and that these same ] >] >profiles require that these values be specified in the profile ] >defined ] >] >reference forms. ] >] > ] >] >When a TokenType attribute is specified in conjunction with a ] >] >wsse:KeyIdentifier/@ValueType attribute or a ] >wsse:Reference/@ValueType ] >] >attribute that indicates the type of the referenced token, the ] >security ] >] >token type identified by the TokenType attribute MUST be consistent ] >with ] >] >the security token type identified by the ValueType attribute. ] >] > ] >] >2. make the corresponding change to add the TokenType attribute to ] >the ] >] >1.1 the schema. ] >] > ] >] >3. the following sentence was recently added to the ] >] >wsse:SecurityTokenReference/wsse:Reference/@ValueType attribute ] >] > ] >] > ] >] > ] >] >>>The ValueType attribute is RECOMMENDED for BinarySecurityToken and ] >746 ] >] >>>RECOMMENDED for Reference with non-local URI. ] >] >>> ] >] >>> ] >] >> ] >] >> ] >] >I recommend that this sentence be replaced with: ] >] > ] >] >The use of this attribute to identify the type of the referenced ] >] >security token is deprecated. Profiles which require or ] >] >recommend the use of this attribute to identify the type of the ] >] >referenced security token SHOULD evolve to require ] >] >or recommend the use of the ] >wsse:SecurityTokenReference/@wsse:TokenType ] >] >attribute to identify the type of the referenced token. ] >] > ] >] > ] >] > ] >] > ] >] >To unsubscribe from this mailing list (and be removed from the roster ] >of ] >] the OASIS TC), go to http://www.oasis- ] >] open.org/apps/org/workgroup/wss/members/leave_workgroup.php. ] >] > ] >] > ] >] > ] >] > ] >] > ] > ] > ] >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]