You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by Andro Maque <an...@live.com> on 2009/01/30 08:15:23 UTC
Compliance WSS 1.1 (WSS-105)
Hello:
On 2008/02/09, Mayank Mishra reported a compliance problem with WSS 1.1 specifications regarding the valueType
attribute of the KeyIdentifier element (see
http://marc.info/?l=wss4j-dev&m=120428958115637&w=2#2).
I'm reviewing the current specification and I find no mention to "x509v1" as a valid valueType for a Binary Security Token. I guess that it was specified as valid while the bug was reported; since then, an errata was published
correcting this feature. It seems that "x509v1" is no longer a valid
valueType in a security token.
Affected versions: 1.5.4 & 1.5.5
See: http://www.oasis-open.org/specs/#wssv1.1
and the 3 documents:
X.509 Token Profile 1.1 X.509 Token Profile 1.1 Errata (only) X.509 Token Profile 1.1 Errata (merged)
Regards.
Andro.
_________________________________________________________________
Show them the way! Add maps and directions to your party invites.
http://www.microsoft.com/windows/windowslive/events.aspx
RE: Compliance WSS 1.1 (WSS-105)
Posted by Colm O hEigeartaigh <co...@progress.com>.
Yup good catch, I'll reopen the JIRA to remove this patch for 1.5.6.
Colm.
________________________________
From: Andro Maque [mailto:andromaque@live.com]
Sent: 30 January 2009 07:15
To: wss4j-dev@ws.apache.org
Subject: Compliance WSS 1.1 (WSS-105)
Hello:
On 2008/02/09, Mayank Mishra reported a compliance problem with WSS 1.1
specifications regarding the valueType attribute of the KeyIdentifier
element (see http://marc.info/?l=wss4j-dev&m=120428958115637&w=2#2).
I'm reviewing the current specification and I find no mention to
"x509v1" as a valid valueType for a Binary Security Token. I guess that
it was specified as valid while the bug was reported; since then, an
errata was published correcting this feature. It seems that "x509v1" is
no longer a valid valueType in a security token.
Affected versions: 1.5.4 & 1.5.5
See: http://www.oasis-open.org/specs/#wssv1.1
and the 3 documents:
* X.509 Token Profile 1.1
<http://www.oasis-open.org/committees/download.php/16785/wss-v1.1-spec-o
s-x509TokenProfile.pdf>
* X.509 Token Profile 1.1 Errata (only)
<http://docs.oasis-open.org/wss/v1.1/wss-v1.1-errata-os-x509TokenProfile
.pdf>
* X.509 Token Profile 1.1 Errata (merged)
<http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-errata-os-x509TokenPr
ofile.pdf>
Regards.
Andro.
________________________________
See all the ways you can stay connected to friends and family
<http://www.microsoft.com/windows/windowslive/default.aspx>