W3C home > Mailing lists > Public > xml-dist-app@w3.org > May 2003

Re: Content-free Header and Body elements

From: Rich Salz <rsalz@datapower.com>
Date: Fri, 16 May 2003 10:03:55 -0400
Message-ID: <3EC4EFCB.3030605@datapower.com>
To: Marc Hadley <Marc.Hadley@Sun.COM>
CC: Martin Gudgin <mgudgin@microsoft.com>, Christopher B Ferris <chrisfer@us.ibm.com>, "xml-dist-app@w3.org" <xml-dist-app@w3.org> 

Marc Hadley wrote:
> One solution to this would be to leave part 1 unchanged and update the 
> SOAP message normalization note[1], adding removal of empty Header 
> elements to the algorithm.

That removes the ambiguity for signing, but if the original message but 
it doesn't allow anyone to add a header if the original message has no 
Header EII, as Gudge pointed out.  His belief is that this is not the 
intent.
	/r$

-- 
Rich Salz, Chief Security Architect
DataPower Technology         http://www.datapower.com
XS40 XML Security Gateway    http://www.datapower.com/products/xs40.html
Received on Friday, 16 May 2003 10:06:33 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:41:56 GMT