W3C home > Mailing lists > Public > public-xmlsec@w3.org > April 2010

RE: Processing Instructions for supporting Streaming mode?

From: Scott Cantor <cantor.2@osu.edu>
Date: Mon, 19 Apr 2010 13:09:46 -0400
To: "'Meiko Jensen'" <Meiko.Jensen@ruhr-uni-bochum.de>, "'Pratik Datta'" <pratik.datta@oracle.com>
Cc: "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Message-ID: <00d301cadfe3$1ceb66c0$56c23440$@2@osu.edu>
> The troubles start when the signed contents start before you've read the
> SignedInfo (as e.g. in SAML tokens, since they use enveloped signatures).

Yes, but this creates a chicken/egg scenario with the specification (of SAML
in this example), and it's not at all a given that if you were going to
"solve" this by altering the signature profile or creating a new one that
you wouldn't solve it by punting on XML Signature altogether and just use a
"sign the blob" approach as an enveloping signature.

-- Scott
Received on Monday, 19 April 2010 17:10:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 19 April 2010 17:10:20 GMT