[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: New Issue: Potential attack when using RST parameters from a target site - WS-SecurityPolicy part
PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER.
The issues coordinators will notify the list when that has occurred.
Title: Potential attack when using RST parameters from a target site - WS-SecurityPolicy part
The RequestSecurityTokenTemplate parameter of the IssuedToken assertion is critical to allow generalized token issuance policy, but allows possible RST parameter attacks because the requestor's parameters cannot be separated from those specified for the target site. See the description of the attack in the related WS-Trust issue description.
The same issue, WS-Trust part
Change the description of RequestSecurityTokenTemplate element on lines 910 - 914 to say that the contents is inserted into the wst:SecondaryParameters element of the RST instead of being placed directly as children of the wst:RequestSecurityToken element.