Subject: New Issue: Add wsc:Length attribute to the Implied derived key
PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred. Protocol: ws-secureconversation http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/17401/ws -secureconversation-1.3-spec-ed-01-r04.pdf Artifact: spec Type: design Title: Add wsc:Length attribute to the Implied derived key Description: The section 7.3 describes how to use a shortcut mechanism to derive keys using security token reference. This issue proposes to add a wsc:Length attribute description to this section to define the length of the derived key. The reason for adding @wsc:Length is to allow sender to specify the length of the derived key for the recipient. Currently there is no way how to pass this information for implied derived keys. Additionally, no default value is currently defined for the implied derived key mechanism. Related issues: None. Proposed Resolution: The proposal is to add the following text after line 883: The @wsc:Length attribute can be used in conjunction with @wsc:Nonce in the security token reference (STR) to indicate the length of the derived key. The value of this attribute is an unsigned long value indicating the size of the key in bytes. If this attribute isn't specified, the default derived key length value is 32.