- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Fri, 28 Apr 2006 22:43:25 +0200
- To: <w3c-ietf-xmldsig@w3.org>
Received on Friday, 28 April 2006 20:44:22 UTC
http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf Reading this relatively recent document I get the impression that the XPath stuff that once were developed for use with XML Signatures, caused problems. The document says that enveloped-signature and exclusive canonicalization are the only Transform elements that a receiver MUST recognize. Although I prefer XPath as you can get away from ID tags and not have to worry about collisions, I guess that for a new standards effort, it would be foolish not to build on the experiences with SAML. I have one question though: Can anybody explain what InclusuveAttributes does and what happens if it is not specified? What prefixes should be specified? Those that are a part of the signed message? Anders Rundgren
Received on Friday, 28 April 2006 20:44:22 UTC