RE: SOAP-DSIG and OASIS WSS Soap message security from Martin Gudgin on 2004-05-09 (xml-dist-app@w3.org from May 2004)

From: Martin Gudgin <mgudgin@microsoft.com>
Date: Sun, 9 May 2004 13:35:17 -0700
To: "Juneja, Manoj" <manoj.juneja@intel.com>, <xml-dist-app@w3.org>
Message-ID: <DD35CC66F54D8248B6E04232892B6338020F3684@RED-MSG-43.redmond.corp.microsoft.com>

Manoj,
 
The OASIS WSS spec provides a framework for securing SOAP messages. This
framework is based on the notion of security tokens and the XMLDSIG and
XMLENC specs. You should find that the signatures specified by the OASIS
WSS spec are perfectly valid per the XMLDSIG spec. There are several
implementations of OASIS WSS ( including the XMLDSIG and XMLENC bits ).
Are you trying to talk to a particular vendors toolkit? Or are you
building your own?
 
Martin


________________________________

	From: xml-dist-app-request@w3.org
[mailto:xml-dist-app-request@w3.org] On Behalf Of Juneja, Manoj
	Sent: 08 May 2004 00:31
	To: xml-dist-app@w3.org
	Subject: SOAP-DSIG and OASIS WSS Soap message security
	
	

	Hi All,

	        Can someone on this list explain me how the SOAP-DSIG
specification (http://www.w3.org/TR/2001/NOTE-SOAP-dsig-20010206/)
relate to the OASIS WSS SOAP Message Security 1.0 specification? If I
have to make use of XML signature tags in my SOAP envelope then what
specification should I follow?

	 

	Thanks for the help.

	 

	Regards,

	manoj.

Received on Sunday, 9 May 2004 16:35:36 UTC