
Subject: RE: [wss-comment] recursive Security Token References

Thanks for the explanation. Given this description, it looks like you are looking for more of a general token carrier (bag-o-tokens) and not a reference mechanism. The STR was not designed as a bag-o-tokens but as a means of referencing tokens and key material that can't be referenced otherwise (as they may have a closed content model).

Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
          "Conor P. Cahill" <concahill@aol.com>

          08/31/2005 09:31 PM


Anthony Nadalin/Austin/IBM@IBMUS


"Tech Rams" <techmailing@yahoo.com>, "DeMartini, Thomas" <Thomas.DeMartini@CONTENTGUARD.COM>, wss@lists.oasis-open.org, wss-comment@lists.oasis-open.org


RE: [wss-comment] recursive Security Token References

Anthony Nadalin wrote on 8/31/2005, 8:20 PM:

> Can you state your use case? There may be other ways to solve this.

We have a service that will be invoked which potentially returns several
security tokens which may or may not be the same token used in different
contexts.   We want to use a carrier for the token because the recipient
of this message does not always need to understand the contents of the
security token (they would just relay it).

The situations we want to support include:

   1. A general purpose security token carrier -- the Embedded STR works
      for this.
   2. A reference to that carrier when the same token is used for
      multiple contexts  -- based on our discussions here, that
      apparently is not allowed
   3. An STR embedded in the token carrier -- the recipient of the
      message would use the STR (rather than dereferencing it) in
      subsequent outgoing messages.  If we used STR for the token
      carrier, this would result in an STR which contains an embedded
      element which contains an STR.  I can only imagine the reaction to
      this structure here :-).
   4. A reference to an external token not included in the message.
      That's a basic STR direct reference.

So the 2nd and, I'm guessing, the 3rd use case cause heartaches here.
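
The four situations listed in the message above can be told apart mechanically in a `wsse:Security` header. The following is an added example, not part of the original thread or of any OASIS material: the sample header, the `ex:OpaqueToken` element, the `wsu:Id` values, the URLs and the function `classify_strs` are all constructed for illustration. It labels each `wsse:SecurityTokenReference` so a receiver can spot the two recursive shapes (situations 2 and 3) before deciding how to handle them.

```python
import xml.etree.ElementTree as ET

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
STR = f"{{{WSSE}}}SecurityTokenReference"
EMBEDDED = f"{{{WSSE}}}Embedded"
REFERENCE = f"{{{WSSE}}}Reference"
WSU_ID = f"{{{WSU}}}Id"

# Constructed sample header: one STR per situation (1-4) from the message.
SAMPLE = f"""
<wsse:Security xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}" xmlns:ex="urn:example:tokens">
  <wsse:SecurityTokenReference wsu:Id="carrier-1">
    <wsse:Embedded><ex:OpaqueToken>AAAA</ex:OpaqueToken></wsse:Embedded>
  </wsse:SecurityTokenReference>
  <wsse:SecurityTokenReference wsu:Id="ref-to-carrier-2">
    <wsse:Reference URI="#carrier-1"/>
  </wsse:SecurityTokenReference>
  <wsse:SecurityTokenReference wsu:Id="carrier-3">
    <wsse:Embedded>
      <wsse:SecurityTokenReference wsu:Id="inner-3">
        <wsse:Reference URI="http://tokens.example/t/42"/>
      </wsse:SecurityTokenReference>
    </wsse:Embedded>
  </wsse:SecurityTokenReference>
  <wsse:SecurityTokenReference wsu:Id="external-4">
    <wsse:Reference URI="http://tokens.example/t/42"/>
  </wsse:SecurityTokenReference>
</wsse:Security>
"""

def classify_strs(xml_text):
    """Map each STR's wsu:Id to the shape it takes in the header."""
    root = ET.fromstring(xml_text)  # use a hardened parser for untrusted input
    by_id = {e.get(WSU_ID): e for e in root.iter() if e.get(WSU_ID)}
    result = {}
    for s in root.iter(STR):
        emb = s.find(EMBEDDED)
        ref = s.find(REFERENCE)
        if emb is not None:  # situation 1, or situation 3 when an STR is nested
            kind = "embedded-str" if emb.find(STR) is not None else "embedded-token"
        elif ref is not None and ref.get("URI", "").startswith("#"):
            target = by_id.get(ref.get("URI")[1:])  # same-document reference
            kind = "str-to-str" if target is not None and target.tag == STR else "local-reference"
        else:  # situation 4: reference to a token outside the message
            kind = "external-reference"
        result[s.get(WSU_ID)] = kind
    return result
```
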

