ws-sx message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: RE: [ws-sx] Issue PR013: Need EncryptedSupportingTokens assertion
- From: "Tony Gullotta" <tony.gullotta@soa.com>
- To: <ws-sx@lists.oasis-open.org>
- Date: Wed, 31 Jan 2007 08:02:01 -0800
In today's call
during the discussion of PR013 we were discussing encrypting a password of a
username token (or the whole token) without the need for a signature.
Couldn't the policy look something like this:
AsymmetricBindingAssertion
Initiator token:
UsernameToken
Recipient token:
X509Token
No
timestamp
EncryptedParts
UsernameToken
Wouldn't this work?
It wouldn't require a signature would it?
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]