G'day all,
I am using WSS4J 1.5.1. I created X509 public keys and certificates with
the Sun Microsystems Keytool utility. AFAIK, it created X509v1 certificates.
Please let me know if it creates v3 certificates, which in my opinion
it doesn't do.
Looking at the on-the-wire message sent from client to server or
otherwise, I observe that in the Token Reference, the value of the "Valuetype"
attribute in the "KeyIdentifier" element is
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
AFAIK, in X.509 Certificate Token Profile 1.1, X509v1 certificates were
included in the spec; in X509 Certificate Token Profile 1.0, only X509v3
certificates were there to be used.
Also, AFAIK, WSS4J supports X.509 Certificate Token Profile 1.0. Please
correct me if I am wrong.
Since X509v3 certs have some more extension elements over X509v1, it
should give some error when passing X509v1 for cryptos creation. Or it
silently uses X509v1, but then the valuetype should be "#x509v1" instead
of "#x509v3".
There is a bit of confusion. Kindly clarify.
With Regards,
Mayank
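
The certificate version asked about above can be read straight from the certificate's DER bytes and compared with the token-type URI seen on the wire. This is an added example, not part of the original post and not WSS4J code; the function names are hypothetical and the sample inputs are constructed stubs, not real certificates.

```python
# Added example (not WSS4J code): read the version of a DER-encoded X.509 certificate.
NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0"

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, pos, pos + length

def x509_version(der):
    """Return 1, 2 or 3. version is [0] EXPLICIT INTEGER DEFAULT v1, so v1 certs omit it."""
    tag, start, _ = read_tlv(der, 0)        # Certificate ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    tag, start, _ = read_tlv(der, start)    # TBSCertificate ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("TBSCertificate missing")
    tag, start, _ = read_tlv(der, start)    # first field: [0] version, or serialNumber
    if tag != 0xA0:
        return 1                            # no explicit version field means v1
    tag, vstart, vend = read_tlv(der, start)
    if tag != 0x02:
        raise ValueError("version is not an INTEGER")
    return int.from_bytes(der[vstart:vend], "big") + 1   # encoded 0, 1, 2 = v1, v2, v3

def expected_value_type(der):
    """Token-type URI matching the certificate version; None for v2, which has no URI here."""
    return {1: NS + "#X509v1", 3: NS + "#X509v3"}.get(x509_version(der))

def tlv(tag, body):                         # short-form encoder, used only for the samples
    return bytes([tag, len(body)]) + body

# Constructed stubs: only the leading TBSCertificate fields, not usable certificates.
SERIAL = tlv(0x02, b"\x01")
V1_STUB = tlv(0x30, tlv(0x30, SERIAL))
V3_STUB = tlv(0x30, tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + SERIAL))

if __name__ == "__main__":
    for name, der in (("v1 stub", V1_STUB), ("v3 stub", V3_STUB)):
        print(name, x509_version(der), expected_value_type(der))
```

To run it on a real certificate, pass the DER-encoded bytes of the certificate file to `x509_version`.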