[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] WSS 1.1 X509v3 URI Problem - Section 8.3
The Microsoft implementation also uses the definition from the X509 token profile. I also support Tony's proposal. /paulc ________________________________ From: Greg Whitehead Sent: August 8, 2006 2:22 PM To: Anthony Nadalin; Dana Kaufman; wss@lists.oasis-open.org Subject: Re: [wss] WSS 1.1 X509v3 URI Problem - Section 8.3 The HP implementation uses the definition from x509 token profile too, so we support that proposal. I don’t think it’s a problem to have non-normative examples in core that refer to profiles. The specs were developed together and it’s more useful to show real examples than contrived ones. -Greg On 8/8/06 12:53 PM, "Anthony Nadalin" <drsecure@us.ibm.com> wrote: It seems that we have interop documents (wss-interop1-draft-05.doc, wss-interop1-draft-06.doc and wss-interop2-draft-06.doc) that use the URI defined in SOAPMessageSecurity, and others use the URI defined in X509TokenProfile (wss-saml2-interop-draft-v41.doc) so there is a mismatch. From a product perspective IBM uses only the URI defined in the X509TokenProfile (http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3). So a proposal would be to remove the #x509v3 table entry at line 1399 of wss-v1.1-spec-os-SOAPMessageSecurity and then change the example in same document at lines 1514, 1915 and 1927 to use a custom token or if we want the core to be pointing to a profile then to http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3. Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]