http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf Reading this relatively recent document I get the impression that the XPath stuff that once were developed for use with XML Signatures, caused problems. The document says that enveloped-signature and exclusive canonicalization are the only Transform elements that a receiver MUST recognize. Although I prefer XPath as you can get away from ID tags and not have to worry about collisions, I guess that for a new standards effort, it would be foolish not to build on the experiences with SAML. I have one question though: Can anybody explain what InclusuveAttributes does and what happens if it is not specified? What prefixes should be specified? Those that are a part of the signed message? Anders RundgrenReceived on Friday, 28 April 2006 20:44:22 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 28 April 2006 20:44:22 GMT