You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Christian Mielke <cm...@nc-ag.de> on 2008/01/23 14:04:35 UTC

Re: Entropy for PublicKey ADDITION!!!!

Hi!
I must add that I want to use PublicKey as KeyType and I want to use ServerEntropy. Is this possible? But I have read that when Public Key is used, no ProofToken will be sent in the TokenResponse. When I then get the Token on the client side and I have it as object I must use the "Token.setSecret-Method". But which secret shall I set there?

Greetings
Chris


----- original Nachricht --------

Betreff: Entropy for PublicKey
Gesendet: Mi, 23. Jan 2008
Von: Christian Mielke<cm...@nc-ag.de>

> Hi!
> I want to issue SAML tokens with my token service. For KeyType I want to use
> PublicKey and not SymmetricKey. When I want to use PublicKey, does the
> client have to send an entropy? And if yes, which one? A random generated or
> generated out of his certificate?
> With kind regards
> Christian
> 

--- original Nachricht Ende ----

Re: Entropy for PublicKey ADDITION!!!!

Posted by Nandana Mihindukulasooriya <na...@gmail.com>.

Hi Chris,
       IFAIK, If you use PublicKey as the key type and the holder of key
subject confirmation method,
the public key of certificates you used to sign the messages to STS will be
used as the Public
key. So you can set the private  key of that certificate as the secret of
the token.

Thanks,
Nandana

On Jan 23, 2008 6:34 PM, Christian Mielke <cm...@nc-ag.de> wrote:

> Hi!
> I must add that I want to use PublicKey as KeyType and I want to use
> ServerEntropy. Is this possible? But I have read that when Public Key is
> used, no ProofToken will be sent in the TokenResponse. When I then get the
> Token on the client side and I have it as object I must use the "
> Token.setSecret-Method". But which secret shall I set there?
>
> Greetings
> Chris
>
>
> ----- original Nachricht --------
>
> Betreff: Entropy for PublicKey
> Gesendet: Mi, 23. Jan 2008
> Von: Christian Mielke<cm...@nc-ag.de>
>
> > Hi!
> > I want to issue SAML tokens with my token service. For KeyType I want to
> use
> > PublicKey and not SymmetricKey. When I want to use PublicKey, does the
> > client have to send an entropy? And if yes, which one? A random
> generated or
> > generated out of his certificate?
> > With kind regards
> > Christian
> >
>
> --- original Nachricht Ende ----
>
>


-- 
Nandana Mihindukulasooriya
Software Engineer
WSO2 inc.

http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/