wss message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Fw: Errors in WSS-Security specification and profiles
- From: Kelvin Lawrence <klawrenc@us.ibm.com>
- To: wss@lists.oasis-open.org
- Date: Mon, 7 Aug 2006 10:33:21 -0500
I received the following comments directly
to my work e-mail ID. With the sender's permission I am posting to the
WSS list so that the TC can also look at these comments.
Cheers
Kelvin
> Dear Kelvin Lawrence,
>
> I have found the following errors in the the specification and the
> profiles of WS-Security:
>
> 1. WS-Security Core Specification 1.1:
> Line 938: wsse:SecurityTokenReference element, a wsse:Embedded element,
a
> Should be: <wsse:SecurityTokenReference> element, a <wsse:Embedded>
> element, a
> Line 939: wsse:Reference element, or a wsse:KeyIdentifier element.
> Should be: <wsse:Reference> element, or a <wsse:KeyIdentifier>
element.
> Line 980: The <wsse:KeyIdentifier> element SHALL is placed in
the
> Should be: The <wsse:KeyIdentifier> element SHALL be placed
in the
> Line 1765: <wsse11:EncryptedHeader> then process as per section
9.5.2
> Decryption and stop
> Shoud be: <wsse11:EncryptedHeader> then process as per
section 9.4.2
> Decryption and stop
> Line 1769: 4. Decrypt the contents of the <xenc:EncryptedData>
element
> as per section 1769 ction 9.5.2
> Should be: 4. Decrypt the contents of the <xenc:EncryptedData>
element
> as per section 1769 ction 9.4.2
>
> 2. SAML Token Profile 1.1
> Table 1 Namespace Prefixes at Page 5:
> The namcespace for the prefix xenc should be
> http://www.w3.org/2001/04/xmlenc#
>
> 3. SOAP Message with Attachments (SwA) Profile 1.1
> The table between Line 162 and Line 163:
> No namespaces for the prefixes xenc and ds are defined, however
they
> are refered in the document.
> Section 5.3:
> All refered "Section 5.4.1" should be "Section
4.4.1"
> All refered "Section 5.4.2" should be "Section
4.4.2"
> The example between Line 519 and Line 566:
> There should be a empty line between Line 521 and 522, and between
> Line 565 and 566
> Line 617: Complete Reference Transform (Section 4.3.2) are to be
> included in the encryption. If a header listed in
> Should be: Complete Reference Transform (Section 5.3.2) are
to be
> included in the encryption. If a header listed in
>
> 4. X.509 Certificate Token Profile 1.1
> Line 204: X.509 SubjectKeyIdentifier reference. A subject key
> identifier may only be used to
> May be: X.509 SubjectKeyIdentifier reference. A subject key
identifier
> MAY only be used to
>
> Best regards,
>
> Lijun Liao
>
> --
> Dipl.-Ing. Lijun Liao
> Chair for Network and Data Security
> Ruhr-Universitaet Bochum
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]