Hi, > > (1) sts client doesn't need service policy. Algorithm suit as well as > > trust assertions have to be obtained from issuer policy. > > > I think there are few bugs related to this issue. Milinda is working on > those things. > > (2) if sts needs entropy from client, who is responsible for creating > > it?? is it trust_sts_client or implementation(client/who ever) using > > trust_sts_client? IMHO it should be trust_sts_client by looking at the > > sts policy. > > > Entropy should be created by client (by setting trust_entropy_t in RST in > client code) and also STS should handle it by using populated RSTR (i.e. > trust_rstr_get_entropy()) >
Yes this is the responsibility of the client. But we can automate this by looking at the STS policy. So Kasun I think we need to implement this as well. Regards, Supun..
