[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: WS-I BSP Request - Clarification of Timestamps with respect to Encryption
On behalf of the WS-I Basic Security Profile WG, I would like clarification from the TC on the intended semantics of Timestamps (Created and Expires). In particular are Timestamps intended to convey any semantic with respect to encrypted data or keys? As I see it there are two basic positions: 1. Timestamps only refer to Authentication acts, such as signatures. 2. Timestamps refer to all elements of the security header. If the indicated time is too far in the past, application data should not be decrypted, encrypted keys should not be used. Personally I believe #1 is the more sensible and practical interpretation, however others may disagree. What is the sense of the TC? Hal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]