- From: <Frederick.Hirsch@nokia.com>
- Date: Thu, 24 Mar 2011 22:06:03 +0000
- To: <Meiko.Jensen@ruhr-uni-bochum.de>
- CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
- Message-ID: <8AFA6BC9-A1E3-4E69-8829-067A9CBF9F5E@nokia.com>
Meiko, Thanks for creating an example. I reviewed it and made the following changes, attached: 1. WS-Security uses wsse:Security as the security element within the SOAP header, so changed to that from nrns:SecurityHeader 2. Switched to using Security Token Reference from KeyValue to binary security token (with DSA X509 cert). 3. Added explicit ds: prefix to all xml security elements as is common in SOAP examples 4. Added c14n2: prefix for C14N2 elements in two places. 5. changed dsig2:Verification DigestDataLength to "32" to reflect SHA-256 output length. Not sure where 175 came from, but am probably missing something obvious right now. 6. Changed soap body operation to be in the ex: namespace using example.com Probably introduced an error but did not declare ex: namespace before soap:Body even though used in XPath. Will this be an error? comment? regards, Frederick Frederick Hirsch Nokia On Mar 16, 2011, at 9:11 AM, ext Meiko Jensen wrote: > Dear all, > > I found some time to reiterate my initial example for the DSig2.0 > syntax. Again, I'm not claiming it to be complete nor correct, but > according to my understanding of what we specified so far, this is what > it should look like. Please note that for the sake of an example I > listed some c14n parameters even though they keep their default values > (and hence may also be omitted). I recommend developing a second example > for ID-based referencing, which should look somewhat similar, but for > now we at least should have something to start from. > > cheers > > Meiko > > -- > Dipl.-Inf. Meiko Jensen > Chair for Network and Data Security > Horst Görtz Institute for IT-Security > Ruhr University Bochum, Germany > _____________________________ > Universitätsstr. 150, Geb. ID 2/411 > D-44801 Bochum, Germany > Phone: +49 (0) 234 / 32-26796 > Telefax: +49 (0) 234 / 32-14347 > http:// www.nds.rub.de > > <sig2example.txt>
Attachments
- text/plain attachment: sig2example2.xml.txt
Received on Thursday, 24 March 2011 22:06:45 UTC