[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Signature Verification Output
Tony, Agreed. This is exactly what I said in my reply to Trevor's question. The requester should determine whether he wants to get back the signed-data information or not. /Gregor > -----Original Message----- > From: Anthony Nadalin [mailto:drsecure@us.ibm.com] > Sent: Tuesday, April 01, 2003 3:02 PM > To: dss@lists.oasis-open.org > Subject: RE: [dss] Signature Verification Output > > > > > > > The key here is MAY want to return information, as some > clients may not be able to process the information and can't > handle passing any information back > > Anthony Nadalin | work 512.436.9568 | cell 512.289.4122 > > > |---------+----------------------------> > | | "Gregor | > | | Karlinger" | > | | <gregor.karlinger| > | | @cio.gv.at> | > | | | > | | 04/01/2003 12:49 | > | | AM | > |---------+----------------------------> > > >------------------------------------------------------------- > -------------------------------------------------------------- > -------------------| > | > > | > | To: Anthony Nadalin/Austin/IBM@IBMUS > > | > | cc: <dss@lists.oasis-open.org> > > | > | Subject: RE: [dss] Signature Verification Output > > | > > >------------------------------------------------------------- > -------------------------------------------------------------- > -------------------| > > > > > Tony, > > I am sure there are a lot situations where the requestor > wants to know what is the information actually signed by the > signtature. > > What's the worth of a signature if I do not know what the > signature is about? > > /Gregor > > > -----Original Message----- > > From: Anthony Nadalin [mailto:drsecure@us.ibm.com] > > Sent: Monday, March 31, 2003 10:40 PM > > To: dss@lists.oasis-open.org > > Subject: Re: [dss] Signature Verification Output > > [...] > > > Why isn't this a "validation service" ? In most cases the "client" > > (should be requestor here) won't know what to do with the > transformed > > data, and other signature-related info. How does this fit into > > signing/validating WS-Security headers ? > > [...] > > >> One big remaining question: does the verification service just: > >> A) verify the signature (return true/false), or > >> B) return the transformed data, and other > signature-related info to > >> the client in an easy-to-read form > >> > >> The current requirements document says the latter (3.7.2 > and 3.7.3), > >> but that's tentative. Should those sections stay in or not? > >> > >> Trevor > > > > #### smime.p7s has been removed from this note on April 01, > 2003 by Anthony Nadalin > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]