You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by sergio salvi <na...@yahoo.it> on 2006/10/09 11:30:31 UTC

encryptionKeyIdentifier

Which is the difference between the 3 values of the
field 'encryptionKeyIdentifier' in the wsdd file?
I've read the documentation at
http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/WSConstants.html
but I still have some doubts.
There it's written : "The encryption method uses the
private key associated with this certificate to
encrypr the symmetric key used to encrypt data". My
doubt is: if it uses the private key to encrypt the
symmetric key anyone can decrypt it using the public
key associated with the certificate and so anyone can
get the value of the symmetric key and can decrypt the
data. If this is true where is the security?

__________________________________________________
Do You Yahoo!?
Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi 
http://mail.yahoo.it 

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: encryptionKeyIdentifier

Posted by Ruchith Fernando <ru...@gmail.com>.

On 10/9/06, sergio salvi <na...@yahoo.it> wrote:
> Which is the difference between the 3 values of the
> field 'encryptionKeyIdentifier' in the wsdd file?
> I've read the documentation at
> http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/WSConstants.html
> but I still have some doubts.
> There it's written : "The encryption method uses the
> private key associated with this certificate to
> encrypr the symmetric key used to encrypt data". My

IMHO this should be corrected to say : "The encryption method uses the
*public* key associated with this certificate to encrypr the symmetric
key used to encrypt data"

Thanks,
Ruchith


> doubt is: if it uses the private key to encrypt the
> symmetric key anyone can decrypt it using the public
> key associated with the certificate and so anyone can
> get the value of the symmetric key and can decrypt the
> data. If this is true where is the security?
>
> __________________________________________________
> Do You Yahoo!?
> Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi
> http://mail.yahoo.it
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>


-- 
www.ruchith.org

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: encryptionKeyIdentifier

Posted by Ruchith Fernando <ru...@gmail.com>.

On 10/9/06, sergio salvi <na...@yahoo.it> wrote:
> Which is the difference between the 3 values of the
> field 'encryptionKeyIdentifier' in the wsdd file?
> I've read the documentation at
> http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/WSConstants.html
> but I still have some doubts.
> There it's written : "The encryption method uses the
> private key associated with this certificate to
> encrypr the symmetric key used to encrypt data". My

IMHO this should be corrected to say : "The encryption method uses the
*public* key associated with this certificate to encrypr the symmetric
key used to encrypt data"

Thanks,
Ruchith


> doubt is: if it uses the private key to encrypt the
> symmetric key anyone can decrypt it using the public
> key associated with the certificate and so anyone can
> get the value of the symmetric key and can decrypt the
> data. If this is true where is the security?
>
> __________________________________________________
> Do You Yahoo!?
> Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi
> http://mail.yahoo.it
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>


-- 
www.ruchith.org

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org