You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2008/05/27 07:13:59 UTC

[jira] Updated: (RAMPART-94) Change rampart implementation to use same encrypted key in both request and response messages

     [ https://issues.apache.org/jira/browse/RAMPART-94?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nandana Mihindukulasooriya updated RAMPART-94:
----------------------------------------------

    Fix Version/s: 1.4

Set Fix version to 1.4. 

> Change rampart implementation to use same encrypted key in both request and response messages
> ---------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-94
>                 URL: https://issues.apache.org/jira/browse/RAMPART-94
>             Project: Rampart
>          Issue Type: Improvement
>          Components: rampart-core
>            Reporter: Nandana Mihindukulasooriya
>            Assignee: Nandana Mihindukulasooriya
>             Fix For: 1.4
>
>         Attachments: 24_Rampart.patch, rampart.patch
>
>
> In the current implementation , rampart use two encrypted keys in request and response in the symmetric binding. But we can't cater some scenarios using this implementation. It should be changed to use one symmetric key in both request and response and should be referenced using the mechanisms described in WSS 1.1 Soap Message Security Specification under section 7.1  and 7.3.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.