[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue 80: Handling EncryptParts/Elements specified under SupportingTokens
Supporting tokens doesn't really have a notion of sender/recipient, but I take your more general point that it is possible to specify a token under SupportingTokens that, for one reason or another, can't be used to encrypt anything (perhaps because it is not associated with any key material, for example). If EncryptedParts/Elements assertions are present, this will result in an error. I could see adding some text to the supporting tokens section encouraging policy writers to make sure the tokens they specify can actually satisfy the other requirements they put into the supporting token assertion. Does that make sense? Gudge > -----Original Message----- > From: Marc Goodner [mailto:mgoodner@microsoft.com] > Sent: 28 June 2006 15:02 > To: K.Venugopal@Sun.COM; ws-sx@lists.oasis-open.org > Subject: [ws-sx] Issue 80: Handling EncryptParts/Elements > specified under SupportingTokens > > Issue 80... > > -----Original Message----- > From: K.Venugopal@Sun.COM [mailto:K.Venugopal@Sun.COM] > Sent: Wednesday, June 28, 2006 4:29 AM > To: ws-sx@lists.oasis-open.org > Cc: Marc Goodner > Subject: [ws-sx] New Issue : Handling EncryptParts/Elements specified > under SupportingTokens > > PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL > THE ISSUE IS ASSIGNED A NUMBER. > The issues coordinators will notify the list when that has occurred. > > Protocol : WS-SP > > Artifact : SPEC > > Type : design > > Title : Handling EncryptParts specified under SupportingTokens > > Description : > > It is not clear from the spec on how EncryptParts > specified under > supportingtokens need to be secured. > eg : If the X509Token present under a SupportingToken is that of the > sender , how can it be used to encrypt the message parts identified by > EncryptParts/Elements that are specified under the supporting token. > > <sp:SupportingTokens > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securit > ypolicy/In > cludeToken/Always"> > <wsp:Policy> > <sp:WssX509V3Token11 /> > </wsp:Policy> > </sp:X509Token> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:TripleDes /> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:EncryptedParts > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > <sp:Body /> > </sp:EncryptedParts> > </wsp:Policy> > </sp:SupportingTokens> > > > Related issues: > > None > > Proposed Resolution: > > None > > > Regards , > Venu >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]