Milinda Pathirage wrote:
Hi devs,
I have added trust implementation from scratch to trunk with new features
and samples. Please feel free to try it and comment on the implementation.
Thanks
Milinda

Hi,
Thank you for the implementation :) . I have some comments + questions :)
(1) The STS client doesn't need the service policy. The algorithm suite as
well as trust assertions have to be obtained from the issuer policy.
(2) If the STS needs entropy from the client, who is responsible for creating
it? Is it trust_sts_client or the implementation (client/whoever) using
trust_sts_client? IMHO it should be trust_sts_client, by looking at the
STS policy. Even the server challenge should be handled by trust_sts_client.
(3) When creating the proof token, we can set it as a binary secret or
an encrypted key. Is there any way to specify which one should be used?
Regards,
Shankar