Re: Encrypt a UsernameToken Authenticated WSE Response
- From: "William Stacey [MVP]" <staceywREMOVE@xxxxxxxx>
- Date: Thu, 31 Mar 2005 11:14:22 -0500
> key management does not require a cert.
> with or without a cert, you still have to manage the pub/pri keys.
> and most people cant manage their passwords.
Agreed. But if you sign your assem, you already have a public key at the
client and the server has the private key (or could have.) Naturally,
securing that private key requires special attention. But with a little
extra work, you can get much better security IMO.
> it depends on how secure you need to be,
> but i definitely think passwords (particularly pass phrases) have their
> place.
Agree. Thanks for discussion Casey.
--
William Stacey, MVP
http://mvp.support.microsoft.com
.
- References:
- Encrypt a UsernameToken Authenticated WSE Response
- From: AndiRudi
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: casey chesnut
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: AndiRudi
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: AndiRudi
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: AndiRudi
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: casey chesnut
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: William Stacey [MVP]
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: casey chesnut
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: William Stacey [MVP]
- Re: Encrypt a UsernameToken Authenticated WSE Response
- From: casey chesnut
- Encrypt a UsernameToken Authenticated WSE Response
- Prev by Date: Re: Encrypt a UsernameToken Authenticated WSE Response
- Next by Date: SOAPExtensions and WSE
- Previous by thread: Re: Encrypt a UsernameToken Authenticated WSE Response
- Next by thread: WSE2 TCP Transport replies using anonymous endpoint (backchannel?)
- Index(es):
Relevant Pages
|
