You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by "vlad.balan" <vl...@gmail.com> on 2018/08/14 09:56:11 UTC

error in spec?

Hello and thanks for the response.

Maybe i'm wrong, but I think there's an error in this spec

http://docs.oasis-open.org/ws-sx/security-policy/examples/ws-sp-usecases-examples.html


The only example with "sp:InitiatorEncryptionToken" says in the comment

"Lines (P002) – (P035) contain the AsymmetricBinding assertion which
indicates that the recipient’s token must be used for both message signature
and encryption."



But we know from this spec 

http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.3/os/ws-securitypolicy-1.3-spec-os.html#_Toc212617798

that sp:InitiatorEncryptionToken is used for encryption from receipient to
initiator. Not from intitiator to receipient, as it is implied in the first
spec above and seen in the concrete example just bellow that line.


Thanks.




--
Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html