ws-sx message



Subject: Issue 55: Clarification on RequireDerivedKeys and X509Token under AsymmetricBinding


Logged as issue 55.


-----Original Message-----
From: K.Venugopal@Sun.COM [mailto:K.Venugopal@Sun.COM] 
Sent: Friday, March 31, 2006 6:33 AM
To: ws-sx@lists.oasis-open.org
Cc: Marc Goodner
Subject: NEW Issue: Clarification on RequireDerivedKeys and X509Token
under AsymmetricBinding

PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSION THREAD UNTIL THE
ISSUE IS ASSIGNED A NUMBER.  
The issues coordinators will notify the list when that has occurred.

Protocol:  ws-sp 

http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/17389/ws-securitypolicy-1.2-spec-ed-01-r05.pdf

Artifact: spec

Type: [design / editorial]

Title: Clarification on RequireDerivedKeys and X509Token under
AsymmetricBinding


Description:

What does it mean when we have an X509Token (with the RequireDerivedKeys
assertion) under the Initiator Token and Recipient Token of
AsymmetricBinding? How are the keys derived when this is the policy
configuration?

Trying to apply lines 795 and 796 here, should one generate two
symmetric keys, one each for Initiator Token and Recipient Token, both
encrypted for the recipient?

If the above is true, then is the statement "encrypted with the key
material associated with the token." on line 796 correct?
E.g.: The key associated with InitiatorToken on the client side is a
client certificate and not the recipient certificate.


Related issues:

None

Proposed Resolution:

None


