Hi Nandana, Nice illustration of the policies and features !
I guess we can add all these scenarios to cover WS-Security 1.0, WS-Security 1.1 and WS-SecConv cases. I believe we have a few policies in WSAS already with different key sizes. This is because some people might not have unlimited strength jurisdiction policy installed. What do you think about enforcing this and sticking to only Basic256 algo suite? Then we can simply stick to this set of policies and the WS-Trust policies we already have. Thanks, Ruchith Nandana Mihindukulasooriya wrote: > Hi Devs, > > As we don't have time to implement the proposed wizard, we can bring new > some policies as mentioned in the JIRA [1]. > > - Authentication Only > - Confidentiality Only > - Confidentiality & Integrity > - Confidentiality & Authentication > - Confidentiality & Integrity & Authentication > - Integrity only > - Non-repudiation > > > Following are the policies resulted in the discussion we had yesterday. > Please > point out if any of those policies doesn't provide the security requirement > mentioned. > http://wiki.apache.org/general/NandanaMihindukulasooriya/WSAS/Policies > > What are the policies we bring in to WSAS ? > > Thoughts ? > > Thanks, > Nandana > > https://wso2.org/jira/browse/WSAS-623 > > > ------------------------------------------------------------------------ > > _______________________________________________ > Wsas-java-dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/wsas-java-dev
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Wsas-java-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/wsas-java-dev
