[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Proposed change to POST-SimpleSign bindingdraft 02
Scott Cantor wrote: > > But if you had a signed Response (signed as XML I mean), you should be > legally able to send it via the POST-SimpleSign binding as long as you also > include the simplified Signature as well. agreed. > The upshot is that there's just a single change to the last draft, making it > legal to leave the original XML Signature in place yes, more or less. we might then want to incorporate more of the original POST binding's security considerations wrt protocol msg being signed, or point to the orig binding for that info (its not that long, i'm leaning towards including it). JeffH
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]