[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Issue 33: Identify security header components that are encrypted
Prateek, I couldn't find your original mail regarding Issue 33 in my archive so I'm starting another thread, hope that's OK... I think we discussed on one of the calls, that more things were signed than encrypted in the security header. However, certain things are encrypted, so perhaps we should rename the issue; "Identify security header components that are signed and/or encrypted" Is that what you would like to clarify? Or was it just encrypted elements? Or just signed elements? A quick look at Appendix C turns up, for the symmetric binding at least; SignedSupportingTokens SignedEndorsingSupportingTokens [Signature Token] in the case where [Token Protection] is set to true. as being signed and; Message signature in the case where [Encrypt Signature] is true as being encrypted. I guess I'm wondering whether it is worth stating a list of signed/encrypted elements at the binding level given that the presence of those elements depends on various property values and in some case the signing and/or encrypting depends on property values too. Gudge
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]