W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2006

XPath Transforms Deprecated in SAML 2.0

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Fri, 28 Apr 2006 22:43:25 +0200
Message-ID: <00e401c66b04$65dd4900$82c5a8c0@arport2v>
To: <w3c-ietf-xmldsig@w3.org>
http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

Reading this relatively recent document I get the impression that the XPath stuff that once were developed for use with XML Signatures, caused problems.

The document says that enveloped-signature and exclusive canonicalization are the only Transform elements that a receiver MUST recognize.

Although I prefer XPath as you can get away from ID tags and not have to worry about collisions, I guess that for a new standards effort, it would be foolish not to build on the experiences with SAML.

I have one question though: Can anybody explain what InclusuveAttributes does and what happens if it is not specified?  What prefixes should be specified?  Those that are a part of the signed message?

Anders Rundgren
Received on Friday, 28 April 2006 20:44:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:40 UTC