Hi, Is there now an existing implementation of the UsernameTokenSignature "Problem"? Because my implementation is using only a UsernameToken and I want to implement more security, but without using keys.
Greets, Steve -----Mensagem original----- De: Davanum Srinivas [mailto:[EMAIL PROTECTED] Enviada em: terça-feira, 21 de junho de 2005 10:53 Para: Dittmann, Werner Cc: Granqvist, Hans; [email protected] Assunto: Re: How to configure UsernameTokenSignature Hi Werner, updated the specs directory. Please take a look and let me know if you need something else. -- dims On 6/21/05, Dittmann, Werner <[EMAIL PROTECTED]> wrote: > Hans, > > are the drafts publicly available? Can't find > them on the OASIS WSS pages. > > Regards, > Werner > > > -----Ursprüngliche Nachricht----- > > Von: Granqvist, Hans [mailto:[EMAIL PROTECTED] > > Gesendet: Montag, 20. Juni 2005 17:31 > > An: [email protected] > > Betreff: RE: How to configure UsernameTokenSignature > > > > > > > <quote> > > > The Username Token profile does not currently define a key > > > derivation algorithm. The OASIS WSS TC is expected to address > > > this issue in a subsequent specification. </quote> > > > > The latest (March 2005 and onward) WSS 1.1 draft of the > > UsernameToken profile defines key derivation in section 4. > > > > Hans > > > -- Davanum Srinivas -http://blogs.cocoondev.org/dims/
