OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [wss] SwA profile Issue 364 action for TC members


+1

 

Dana S. Kaufman

VP of Product Management

Forum Systems, Inc.

Tel: (781) 788-4232

E-Mail: dkaufman@forumsys.com

Visit http://www.forumsys.com

 


From: Anthony Nadalin [mailto:drsecure@us.ibm.com]
Sent: Wednesday, May 04, 2005 5:06 PM
To: Frederick.Hirsch@nokia.com
Cc: wss@lists.oasis-open.org
Subject: Re: [wss] SwA profile Issue 364 action for TC members

 

How can you canonicalize if you don't know what is all there and if canonicalization makes sense ? I would say that we should just treat these as opaque.

Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
Inactive hide details for <Frederick.Hirsch@nokia.com><Frederick.Hirsch@nokia.com>

<Frederick.Hirsch@nokia.com>

05/04/2005 03:59 PM

To


<wss@lists.oasis-open.org>

cc

Subject


[wss] SwA profile Issue 364 action for TC members

 


There is one major open issue for the SwA profile, which is whether XML attachments require XML canonicalization. This is issue 364 [1]

TC members

(a) argued against requiring canonicalization [2], [3] and treating XML attachments as opaque. The Committee Draft reflected the TC viewpoint [4].

(b) Brian submitted a comment at the end of public review arguing that canonicalization should be considered [5]. Draft 16 incorporated proposed text to follow this recommendation, requiring canonicalization (see section 3) [6]

(c) Members of the TC argued against this. Their logic is reflected in the latest draft, draft 18. [7] These arguments were not recorded on the mail list, so please make them on the list now.

Brian has provided additional rationale [8] and some of these members have revised their viewpoint [9]

As editor I'd like the TC to decide on the correct action before I make any additional change to the profile. Should I change to require XML canonicalization? Should I use the text provided in draft 16 on this topic?

Please send a message to the WSS list indicating support for requiring XML canonicalization or for leaving draft 18 as it is on this issue. Better yet, propose specific changes to draft 18.

It would help move this document forward for the TC to be able to make a decision on the next call, scheduled for 17 May. We also need to consider whether this change would require additional interop and/or public review.

Thanks

regards, Frederick

Frederick Hirsch
Nokia

[1] http://www.oasis-open.org/apps/org/workgroup/wss/download.php/12467/OASIS%20Web%20Services%20Security%20Issues%20List%2065.htm

[2]
http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200408/msg00072.html

[3] http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200407/msg00034.html

[4] http://www.oasis-open.org/apps/org/workgroup/wss/download.php/10902/wss-swa-profile-1.0-cd-01.pdf

[5] http://lists.oasis-open.org/archives/wss-comment/200502/msg00004.html (item #4)

and

http://lists.oasis-open.org/archives/wss-comment/200502/msg00006.html

[6] http://www.oasis-open.org/apps/org/workgroup/wss/download.php/11700/wss-swa-profile-1.0-draft-16-diff.pdf

[7] http://www.oasis-open.org/apps/org/workgroup/wss/download.php/12407/wss-swa-profile-1.0-draft-18-diff.pdf

[8] http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200504/msg00017.html

[9] http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200505/msg00001.html





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]