[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Updated proposal for Issue #31 - Richer Username Token Policies
I propose that lines 836-842 be replaced with: ---- /sp:UsernameToken This identifies a UsernameToken assertion by default a password element containing the plaintext password is included. /sp:UsernameToken/@sp:IncludeToken This optional attribute identifies the token inclusion value for this token assertion. /sp:UsernameToken/wsp:Policy This optional element identifies additional requirements for use of the sp:UsernameToken assertion. /sp:UsernameToken/wsp:Policy/sp:NoPassword This optional element indicates that the password element be omitted. /sp:UsernameToken/wsp:Policy/sp:HashPassword This optional element indicates that a password element be present and contain a hash of the timestamp, nonce and password as defined in [WSS: Username Token Profile]. ---- Also some editorial changes will be required to the introductory text at the start of section 5.3.1 and the Syntax block. Hal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]