[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wss] Updated Interop Scenarios
Hello, Here are my comments on interop draft-04. - Lnes 320, 509 and 653: Each <xenc:EncryptedKey> element has "http://www.w3.org/2001/04/xmlenc#EncryptedKey" Type attribute. This value is the identifier for the <xenc:EncryptedKey> element itself and I think we don't need (should not?) specify it as a Type of a <xenc:EncryptedKey> element. From the "XML Encryption Syntax and Processing": | 3.5.1 The EncryptedKey Element | Identifer | Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey" | (This can be used within a ds:RetrievalMethod element to identify the | referent's type.) | <snip> | The Type attribute inheritted from EncryptedType can be used to | further specify the type of the encrypted key if the EncryptionMethod | Algorithm does not define a unambiguous encoding/representation. - Line 314: <xenc:EncryptionMethod> doesn't have the beggining "<". - Lines 617-619: | This section describes the processing performed by the Responder. If | an error is detected, the Responder MUST cease processing the message | and issue a Fault with a value of FailedAuthentication. Second message is received and processed by Requester. If an error is detected, what shoud Requester do? I guess just to show error message to the operator or write to a log file. - Lines 532 and 671: The value of the Algorithm attribute of the <CanonicalizationMethod> element is not quoted (from draft-04). - Lnes 381-382: The plus/minus signs must be synchronized with lines 298-299. - Lines 465, 607 and etc.: Though "The Body MUST be first signed and then encrypted", <Ping> or <PingResponse> element is encrypted in the examples in sections 5.4.4 and 5.5.4. What do we want to do? - Encrypt the <soap:Body> element (as the sentenses). - Encrypt the <Ping> element or <PingResponse> element in the <soap:Body> element (as the examples). - Encrypt the contents of the <soap:Body> element. In this case, the Type attribute of the <EncrypteData> element would be "#Content". --- Toshi --- NISHIMURA Toshihiro (FAMILY Given) nishimura.toshi@jp.fujitsu.com XML Application Technology Dept., PROJECT-A XML, FUJITSU LIMITED
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]