You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by "vlad.balan" <vl...@gmail.com> on 2018/08/14 09:56:11 UTC
error in spec?
Hello and thanks for the response.
Maybe i'm wrong, but I think there's an error in this spec
http://docs.oasis-open.org/ws-sx/security-policy/examples/ws-sp-usecases-examples.html
The only example with "sp:InitiatorEncryptionToken" says in the comment
"Lines (P002) – (P035) contain the AsymmetricBinding assertion which
indicates that the recipient’s token must be used for both message signature
and encryption."
But we know from this spec
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.3/os/ws-securitypolicy-1.3-spec-os.html#_Toc212617798
that sp:InitiatorEncryptionToken is used for encryption from receipient to
initiator. Not from intitiator to receipient, as it is implied in the first
spec above and seen in the concrete example just bellow that line.
Thanks.
--
Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html