OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: additional issue for issues list

We should add an issue based on the following comment on the public comments list. The comment email includes a proposed resolution.

I would suggest changing the proposed resolution by replacing "MUST" with "outside a wsse:Security header MUST".

Issue relates to wording on lines 814-816 in the latest


regards, Frederick
Frederick Hirsch

Public comment:

Subject: STRs outside of <wsse:Security> header

From: "Conor P. Cahill" <concahill@aol.com>
To: wss-comment@lists.oasis-open.org
Date: Thu, 18 Aug 2005 17:23:15 -0400

Lines 812-814 of the core specificatoin require that uses of the STR
outside of a Security header require that "the meaning of the
response and/or the processing of the reulting references MUST
be specified by the containing element ... "

This is a bit confusing as a "containing element" doesn't typically
specify processing rules (yes, the specification for that containing
element may do so).  This also restricts one from profiling a use of an
STR within an extension area defined in another specification (such as a
profile of using an STR as a child of the WS-Addressing <Metadata> EPR

I would like to propose that we change this to someting along the lines of:

Any use of an STR outside of the Security header is outside the scope of
this specification.  Entities desiring to use the STR element MUST
profile the  meaning of the response and/or the processing of the
resulting references.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]