Re: Encryption in WS-Policy and WSE2.0
From: Softwaremaker (msdn_at_removethis.softwaremaker.net)
Date: 12/11/04
- Next message: Softwaremaker: "Re: problems encrypting Soap message using X.509 cert generated from makecert"
- Previous message: eshayne_at_bigfoot.com: "problems encrypting Soap message using X.509 cert generated from makecert"
- In reply to: Hernan de Lahitte: "Encryption in WS-Policy and WSE2.0"
- Next in thread: Softwaremaker: "Re: Encryption in WS-Policy and WSE2.0"
- Reply: Softwaremaker: "Re: Encryption in WS-Policy and WSE2.0"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 11 Dec 2004 09:13:49 +0800
Hernan,
I did spent some time on issues like this recently and it will be reflected
in an article soon (I hope) on MSDN. Now before, we go on trying to solve
your problem. Is there a specific reason why you are encrypting the
signature ?
A note of caution I can give is that signatures can and may be verified
along the way via SOAP intermediaries. If you encrypt them, the
intermediaries will not be able to verify the authencity of it and therefore
cannot trust it.
-- Thank you. Regards, Softwaremaker http://www.softwaremaker.net/blog ========================================= "Hernan de Lahitte" <hernan@lagash.com> wrote in message news:e1LJwbv3EHA.3376@TK2MSFTNGP12.phx.gbl... > Hi Guys, > > Does anybody knows how to encrypt applying WS-Policy with WSE2.0 (SP2) > something other than wsp:Body() and wse:UsernameToken() ? Are filters the > way to go or there is any other trick to use ? > > If you don´t know what I mean, just try to encrypt something apart from body > and UsernameToken and you will receive an exception much like this one: > "Microsoft.Web.Services2.Policy.PolicyEnforcementException: WSE429: It is > only possible to enforce the Confidentiality assertion using the following > message parts in the SOAP message part dialect: wsp:Body() > wse:UsernameToken()." > > > In fact, I´m looking for some way to encrypt the signature digest of a > message. > > Thanks, > > Hernan de Lahitte > http://weblogs.asp.net/hernandl > http://www.lagash.com/english/index.html > > "An expert is one who knows more and more about less and less until he knows > absolutely everything about nothing". > > >
- Next message: Softwaremaker: "Re: problems encrypting Soap message using X.509 cert generated from makecert"
- Previous message: eshayne_at_bigfoot.com: "problems encrypting Soap message using X.509 cert generated from makecert"
- In reply to: Hernan de Lahitte: "Encryption in WS-Policy and WSE2.0"
- Next in thread: Softwaremaker: "Re: Encryption in WS-Policy and WSE2.0"
- Reply: Softwaremaker: "Re: Encryption in WS-Policy and WSE2.0"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
