[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue 55: Clarification on RequireDerivedKeys and X509Token under AsymmetricBinding
From today's F2F draft minutes: === i055 Clarification on RequireDerivedKeys and X509Token under AsymmetricBinding http://lists.oasis-open.org/archives/ws-sx/200603/msg00121.html The TC discussed this issue but it was not clear what use the case that K. Venugopal was discussing. The TC would like him to better explain his use case so that we can understand the issue. == Please clarify your use case and/or restate your questions since the TC does not yet understand your questions. /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Ottawa, Ontario K2E 6A3 Tel: (613) 225-5445 Fax: (425) 936-7329 mailto:Paul.Cotton@microsoft.com > -----Original Message----- > From: Marc Goodner [mailto:mgoodner@microsoft.com] > Sent: March 31, 2006 10:32 AM > To: K.Venugopal@Sun.COM; ws-sx@lists.oasis-open.org > Subject: [ws-sx] Issue 55: Clarification on RequireDerivedKeys and > X509Token under AsymmetricBinding > > Logged as issue 55. > > > -----Original Message----- > From: K.Venugopal@Sun.COM [mailto:K.Venugopal@Sun.COM] > Sent: Friday, March 31, 2006 6:33 AM > To: ws-sx@lists.oasis-open.org > Cc: Marc Goodner > Subject: NEW Issue: Clarification on RequireDerivedKeys and X509Token > under AsymmetricBinding > > PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSION THREAD UNTIL THE > ISSUE IS ASSIGNED A NUMBER. > The issues coordinators will notify the list when that has occurred. > > Protocol: ws-sp > > http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/17389/ws > -securitypolicy-1.2-spec-ed-01-r05.pdf > > Artifact: spec > > Type:[design / editorial] > > Title: Clarification on RequireDerivedKeys and X509Token under > AsymmetricBinding > > > Description: > > What does it mean when we have X509Token( with RequireDerivedKeys > assertion) under > Initiator Token and Recipient Token of AsymmetricBinding. How are the > keys derived when > this is the policy configuration. > > Trying to apply lines 795 and 796 apply here, should one generate two > symmetric keys one for > Initiator Token and Recipient Token, both encrypted for the recipient ?. > > If the above is true then is the statement "encrypted with the key > material associated with the token." > on line 796 correct?. > Eg: The Key associated with InitiatorToken on the client side is a > client certificate and not the recipient certificate. > > > Related issues: > > None > > Proposed Resolution: > > None
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]