[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ws-sx] Issue 80: Handling EncryptParts/Elements specified underSupportingTokens
Hi Martin, Martin Gudgin wrote: > Supporting tokens doesn't really have a notion of sender/recipient, but > I take your more general point that it is possible to specify a token > under SupportingTokens that, for one reason or another, can't be used to > encrypt anything (perhaps because it is not associated with any key > material, for example). If EncryptedParts/Elements assertions are > present, this will result in an error. > > I could see adding some text to the supporting tokens section > encouraging policy writers to make sure the tokens they specify can > actually satisfy the other requirements they put into the supporting > token assertion. > > Does that make sense? > this works for me. Thanks, Venu > Gudge > > > >> -----Original Message----- >> From: Marc Goodner [mailto:mgoodner@microsoft.com] >> Sent: 28 June 2006 15:02 >> To: K.Venugopal@Sun.COM; ws-sx@lists.oasis-open.org >> Subject: [ws-sx] Issue 80: Handling EncryptParts/Elements >> specified under SupportingTokens >> >> Issue 80... >> >> -----Original Message----- >> From: K.Venugopal@Sun.COM [mailto:K.Venugopal@Sun.COM] >> Sent: Wednesday, June 28, 2006 4:29 AM >> To: ws-sx@lists.oasis-open.org >> Cc: Marc Goodner >> Subject: [ws-sx] New Issue : Handling EncryptParts/Elements specified >> under SupportingTokens >> >> PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL >> THE ISSUE IS ASSIGNED A NUMBER. >> The issues coordinators will notify the list when that has occurred. >> >> Protocol : WS-SP >> >> Artifact : SPEC >> >> Type : design >> >> Title : Handling EncryptParts specified under SupportingTokens >> >> Description : >> >> It is not clear from the spec on how EncryptParts >> specified under >> supportingtokens need to be secured. >> eg : If the X509Token present under a SupportingToken is that of the >> sender , how can it be used to encrypt the message parts identified by >> EncryptParts/Elements that are specified under the supporting token. >> >> <sp:SupportingTokens >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> >> <wsp:Policy> >> <sp:X509Token >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securit >> ypolicy/In >> cludeToken/Always"> >> <wsp:Policy> >> <sp:WssX509V3Token11 /> >> </wsp:Policy> >> </sp:X509Token> >> <sp:AlgorithmSuite> >> <wsp:Policy> >> <sp:TripleDes /> >> </wsp:Policy> >> </sp:AlgorithmSuite> >> <sp:EncryptedParts >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> >> <sp:Body /> >> </sp:EncryptedParts> >> </wsp:Policy> >> </sp:SupportingTokens> >> >> >> Related issues: >> >> None >> >> Proposed Resolution: >> >> None >> >> >> Regards , >> Venu >> >>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]