W3C home > Mailing lists > Public > public-ws-addressing@w3.org > December 2004

Re: i008 - Marking RefProps/RefParams using attributes [Take #2]

From: Rich Salz <rsalz@datapower.com>
Date: Wed, 15 Dec 2004 13:54:06 -0500
Message-ID: <41C0884E.4090802@datapower.com>
To: "Srinivas, Davanum M" <Davanum.Srinivas@ca.com>
CC: public-ws-addressing@w3.org 

> Here's the re-worked proposal…dropping the <wsa:RefPs> element as per 
> Jonathan [1]

+1

As for the security issues, they're not that big a deal.  It means taht 
under some circumstances, signing a refp element will require that the 
signature reference (dsig:Reference element) use an XPath transformation 
to omit the attribute when signing the element.

And since the refps are now "generically visible," this addresses the 
security concerns I've been raising.
	/r$
-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html
Received on Wednesday, 15 December 2004 18:45:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:00 GMT