Posted to issues@cxf.apache.org by "Daniel Kulp (JIRA)" <ji...@apache.org> on 2011/08/02 21:04:27 UTC
[jira] [Resolved] (CXF-3646) Use of asymmetric key is implicit and
defaults to RSA_SHA1 in the security policy implementation
[ https://issues.apache.org/jira/browse/CXF-3646?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp resolved CXF-3646.
------------------------------
Resolution: Not A Problem
Fix Version/s: Invalid
Assignee: Colm O hEigeartaigh
My reading is the same. This is working per spec.
> Use of asymmetric key is implicit and defaults to RSA_SHA1 in the security policy implementation
> ------------------------------------------------------------------------------------------------
>
> Key: CXF-3646
> URL: https://issues.apache.org/jira/browse/CXF-3646
> Project: CXF
> Issue Type: Bug
> Components: Core, WS-* Components
> Affects Versions: 2.3.2, 2.5
> Environment: Linux
> Reporter: vaidya.krishnamurthy
> Assignee: Colm O hEigeartaigh
> Labels: security
> Fix For: Invalid
>
>
> Since the use of SHA1 has been recently discouraged, I tried to switch to using at least SHA256 (http://www.w3.org/TR/xmldsig-core1/#sec-MessageDigests).
> Currently the policy is set like this in the WSDL file:
> <sp:AlgorithmSuite>
>   <wsp:Policy>
>     <sp:Basic256Sha256Rsa15/>
>   </wsp:Policy>
> </sp:AlgorithmSuite>
> From the log I can see that a part of the message is signed with rsa-sha1
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-2">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> <ds:Reference URI="#Timestamp-1">
>
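Added example (not part of the original thread and not CXF code): a small audit that reads a logged ds:Signature and reports the SignatureMethod separately from each Reference's DigestMethod, which is the distinction the report and its resolution turn on. The sample message is constructed; the log excerpt in the report is cut off after the Reference element, so the SHA-256 DigestMethod, the placeholder DigestValue and the closing tags are assumptions.

```python
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
SHA1_ALGORITHMS = {
    "http://www.w3.org/2000/09/xmldsig#sha1",
    "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
    "http://www.w3.org/2000/09/xmldsig#dsa-sha1",
    "http://www.w3.org/2000/09/xmldsig#hmac-sha1",
}

# Constructed sample. Only the first lines match the log excerpt in the report;
# DigestMethod, DigestValue and the closing tags are assumed for illustration.
SAMPLE = """\
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-2">
  <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference URI="#Timestamp-1">
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
      <ds:DigestValue>PLACEHOLDER</ds:DigestValue>
    </ds:Reference>
  </ds:SignedInfo>
</ds:Signature>
"""

def audit_signatures(xml_text):
    """Return one record per ds:Signature: its algorithms and any SHA-1 findings."""
    report = []
    for sig in ET.fromstring(xml_text).iter(DS + "Signature"):
        info = sig.find(DS + "SignedInfo")
        if info is None:
            continue
        method = info.find(DS + "SignatureMethod")
        sig_alg = method.get("Algorithm") if method is not None else None
        refs = []
        for ref in info.findall(DS + "Reference"):
            digest = ref.find(DS + "DigestMethod")
            refs.append((ref.get("URI"),
                         digest.get("Algorithm") if digest is not None else None))
        findings = []
        if sig_alg in SHA1_ALGORITHMS:
            findings.append("SignatureMethod uses SHA-1")
        findings += ["Reference %s digest uses SHA-1" % uri
                     for uri, alg in refs if alg in SHA1_ALGORITHMS]
        report.append({"id": sig.get("Id"), "signature_method": sig_alg,
                       "references": refs, "findings": findings})
    return report

if __name__ == "__main__":
    for record in audit_signatures(SAMPLE):
        print(record)
```

On this sample the audit flags only the SignatureMethod: the reference digest is SHA-256 while the signature itself is rsa-sha1.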