[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Updated proposal for Issue #31 - Richer Username Token Policies
The nonce and timestamp are used with a password hash which is covered by the <HashPassword> assertion. Hal > -----Original Message----- > From: Prateek Mishra [mailto:prateek.mishra@oracle.com] > Sent: Tuesday, June 20, 2006 4:05 PM > To: Hal Lockhart > Cc: ws-sx@lists.oasis-open.org > Subject: Re: [ws-sx] Updated proposal for Issue #31 - Richer Username > Token Policies > > [HL] > > > > >---- > >/sp:UsernameToken > >This identifies a UsernameToken assertion by default a password element > >containing the plaintext password is included. > > > > > [\HL] > > Does this also mean that a nonce and timestamp are NOT included? >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]