[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ws-sx] Issue 80: Handling EncryptParts/Elements specified underSupportingTokens
Venu wrote: > Hi Martin, > > Martin Gudgin wrote: >> Supporting tokens doesn't really have a notion of sender/recipient, but >> I take your more general point that it is possible to specify a token >> under SupportingTokens that, for one reason or another, can't be used to >> encrypt anything (perhaps because it is not associated with any key >> material, for example). If EncryptedParts/Elements assertions are >> present, this will result in an error. >> I could see adding some text to the supporting tokens section >> encouraging policy writers to make sure the tokens they specify can >> actually satisfy the other requirements they put into the supporting >> token assertion. >> Does that make sense? >> > this works for me. Would also appreciate if the text clarified the behavior of SignedParts,EncryptParts under various SupportingTokens when TransportBinding is used Thanks, Venu > > Thanks, > Venu >> Gudge >> >> >> >>> -----Original Message----- >>> From: Marc Goodner [mailto:mgoodner@microsoft.com] Sent: 28 June >>> 2006 15:02 >>> To: K.Venugopal@Sun.COM; ws-sx@lists.oasis-open.org >>> Subject: [ws-sx] Issue 80: Handling EncryptParts/Elements specified >>> under SupportingTokens >>> >>> Issue 80... >>> >>> -----Original Message----- >>> From: K.Venugopal@Sun.COM [mailto:K.Venugopal@Sun.COM] Sent: >>> Wednesday, June 28, 2006 4:29 AM >>> To: ws-sx@lists.oasis-open.org >>> Cc: Marc Goodner >>> Subject: [ws-sx] New Issue : Handling EncryptParts/Elements specified >>> under SupportingTokens >>> >>> PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL >>> THE ISSUE IS ASSIGNED A NUMBER. >>> The issues coordinators will notify the list when that has occurred. >>> >>> Protocol : WS-SP >>> >>> Artifact : SPEC >>> >>> Type : design >>> >>> Title : Handling EncryptParts specified under SupportingTokens >>> >>> Description : >>> >>> It is not clear from the spec on how EncryptParts specified >>> under >>> supportingtokens need to be secured. >>> eg : If the X509Token present under a SupportingToken is that of the >>> sender , how can it be used to encrypt the message parts identified by >>> EncryptParts/Elements that are specified under the supporting token. >>> >>> <sp:SupportingTokens >>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> >>> <wsp:Policy> >>> <sp:X509Token >>> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securit >>> ypolicy/In >>> cludeToken/Always"> >>> <wsp:Policy> >>> <sp:WssX509V3Token11 /> >>> </wsp:Policy> >>> </sp:X509Token> >>> <sp:AlgorithmSuite> >>> <wsp:Policy> >>> <sp:TripleDes /> >>> </wsp:Policy> >>> </sp:AlgorithmSuite> >>> <sp:EncryptedParts >>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> >>> <sp:Body /> >>> </sp:EncryptedParts> >>> </wsp:Policy> >>> </sp:SupportingTokens> >>> >>> >>> Related issues: >>> >>> None >>> >>> Proposed Resolution: >>> >>> None >>> >>> >>> Regards , >>> Venu >>> >>> >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]