OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Pkipath


This is a question from a new project (likely to become one of, if not the, the biggest AS4 deployments worldwide) that has many certificates and many CAs.

For AS4 security signature validation, there is a discussion to mandate the use of full certificate chains rather than just the leaf certificate in the message. This is the #X509PKIPathv1 option described in:


For products that use WSS security policy, this can be configured by setting /sp:X509Token/wsp:Policy/sp:WssX509PkiPathV1Token11

Those of you that have AS4 products, does your product support this feature today?

Those of you that have AS4 products, and that use WSS security policy, could you try using a policy that uses /sp:X509Token/wsp:Policy/sp:WssX509PkiPathV1Token11 and see if it works?



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]