- From: Rich Salz <rsalz@datapower.com>
- Date: Fri, 16 May 2003 10:03:55 -0400
- To: Marc Hadley <Marc.Hadley@Sun.COM>
- CC: Martin Gudgin <mgudgin@microsoft.com>, Christopher B Ferris <chrisfer@us.ibm.com>, "xml-dist-app@w3.org" <xml-dist-app@w3.org>
Marc Hadley wrote: > One solution to this would be to leave part 1 unchanged and update the > SOAP message normalization note[1], adding removal of empty Header > elements to the algorithm. That removes the ambiguity for signing, but if the original message but it doesn't allow anyone to add a header if the original message has no Header EII, as Gudge pointed out. His belief is that this is not the intent. /r$ -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
Received on Friday, 16 May 2003 10:06:33 UTC