[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ws-sx] Updated proposal for Issue #31 - Richer Username TokenPolicies
Hal, this proposal works for us. Based on input from implementors, customers and other folk, we would support its inclusion in the specification. - prateek >I propose that lines 836-842 be replaced with: > >---- >/sp:UsernameToken >This identifies a UsernameToken assertion by default a password element >containing the plaintext password is included. >/sp:UsernameToken/@sp:IncludeToken >This optional attribute identifies the token inclusion value for this >token assertion. >/sp:UsernameToken/wsp:Policy >This optional element identifies additional requirements for use of the >sp:UsernameToken assertion. >/sp:UsernameToken/wsp:Policy/sp:NoPassword >This optional element indicates that the password element be omitted. >/sp:UsernameToken/wsp:Policy/sp:HashPassword >This optional element indicates that a password element be present and >contain a hash of the timestamp, nonce and password as defined in [WSS: >Username Token Profile]. >---- > >Also some editorial changes will be required to the introductory text at >the start of section 5.3.1 and the Syntax block. > >Hal > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]