OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-sx] Issue 55: Clarification on RequireDerivedKeys and X509Token under AsymmetricBinding

From today's F2F draft minutes:

===
i055   Clarification on RequireDerivedKeys and X509Token under 
AsymmetricBinding   
http://lists.oasis-open.org/archives/ws-sx/200603/msg00121.html

The TC discussed this issue but it was not clear what use the case that
K. Venugopal was discussing.  The TC would like him to better explain
his use case so that we can understand the issue.
==

Please clarify your use case and/or restate your questions since the TC
does not yet understand your questions.

/paulc

Paul Cotton, Microsoft Canada
17 Eleanor Drive, Ottawa, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329
mailto:Paul.Cotton@microsoft.com

 



> -----Original Message-----
> From: Marc Goodner [mailto:mgoodner@microsoft.com]
> Sent: March 31, 2006 10:32 AM
> To: K.Venugopal@Sun.COM; ws-sx@lists.oasis-open.org
> Subject: [ws-sx] Issue 55: Clarification on RequireDerivedKeys and
> X509Token under AsymmetricBinding
> 
> Logged as issue 55.
> 
> 
> -----Original Message-----
> From: K.Venugopal@Sun.COM [mailto:K.Venugopal@Sun.COM]
> Sent: Friday, March 31, 2006 6:33 AM
> To: ws-sx@lists.oasis-open.org
> Cc: Marc Goodner
> Subject: NEW Issue: Clarification on RequireDerivedKeys and X509Token
> under AsymmetricBinding
> 
> PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSION THREAD UNTIL
THE
> ISSUE IS ASSIGNED A NUMBER.
> The issues coordinators will notify the list when that has occurred.
> 
> Protocol:  ws-sp
> 
>
http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/17389/ws
> -securitypolicy-1.2-spec-ed-01-r05.pdf
> 
> Artifact: spec
> 
> Type:[design / editorial]
> 
> Title: Clarification on RequireDerivedKeys and X509Token under
> AsymmetricBinding
> 
> 
> Description:
> 
> What does it mean when we have X509Token( with RequireDerivedKeys
> assertion) under
> Initiator Token and Recipient Token of AsymmetricBinding. How are the
> keys derived when
> this is the policy configuration.
> 
> Trying to apply lines 795 and 796 apply here, should one generate two
> symmetric keys one for
> Initiator Token and Recipient Token, both encrypted for the recipient
?.
> 
> If the above is true then is the statement "encrypted with the key
> material associated with the token."
> on line 796 correct?.
> Eg: The Key associated with InitiatorToken on the client side is a
> client certificate and not the recipient certificate.
> 
> 
> Related issues:
> 
> None
> 
> Proposed Resolution:
> 
> None

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]