Hi, In Rampart, when we use derived keys in a symmetric binding assertion with X509Token, on the client side we create an encrypted key encrypted for the server's certificate and use the ephemeral key of that encrypted key to create the DerivedKeys. When the server sends its response back to the client, it does the same, by creating an encrypted key for the client certificate and using the ephemeral key of that encrypted key to create the DerivedKeys. But this prevents the scenario of anonymous clients sending requests to the service, because we have to have the client's certificate to create the encrypted key in the response. This could be avoided if we use the same ephemeral key to create all the derived keys in both the request and the response. In the response, we can provide a security token reference in the derived keys using a key identifier to the encrypted key used in the request, as defined in section 7.7 "Encrypted Key reference" of the WSS 1.1 SOAP Message Security specification. Is this the right way to go?
Regards, Nandana
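A worked illustration of the scheme described above, added here as an example and not code from the original post or from Rampart: both request and response derive their keys from the one ephemeral key with the WS-SecureConversation P_SHA-1 derivation, and the response's DerivedKeyToken points back at the request's EncryptedKey through an EncryptedKeySHA1 key identifier (WSS 1.1 section 7.7), so no client certificate is needed. The ephemeral key, the EncryptedKey octets, the nonces and the default offset/length are constructed sample values.

```python
import base64
import hashlib
import hmac

# Default derivation label from WS-SecureConversation; seed = label + nonce.
WSC_LABEL = b"WS-SecureConversationWS-SecureConversation"
# ValueType for a KeyIdentifier that references an EncryptedKey by SHA-1 (WSS 1.1, 7.7).
EK_SHA1_VALUETYPE = ("http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1"
                     "#EncryptedKeySHA1")


def p_sha1(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS-style P_SHA-1 expansion used by WS-SecureConversation derived keys."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha1).digest()           # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha1).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def derive_key(ephemeral_key: bytes, nonce: bytes, offset: int = 0, length: int = 16) -> bytes:
    """Key bytes [offset, offset+length) of P_SHA1(ephemeral_key, label + nonce)."""
    return p_sha1(ephemeral_key, WSC_LABEL + nonce, offset + length)[offset:]


def encrypted_key_sha1(encrypted_key_octets: bytes) -> str:
    """KeyIdentifier value: base64(SHA-1(CipherValue octets of the EncryptedKey))."""
    return base64.b64encode(hashlib.sha1(encrypted_key_octets).digest()).decode()


def derived_key_token(encrypted_key_octets: bytes, nonce: bytes, offset: int = 0, length: int = 16) -> str:
    """DerivedKeyToken whose STR references the request's EncryptedKey, not a certificate."""
    return (
        "<wsc:DerivedKeyToken>"
        "<wsse:SecurityTokenReference>"
        f'<wsse:KeyIdentifier ValueType="{EK_SHA1_VALUETYPE}">'
        f"{encrypted_key_sha1(encrypted_key_octets)}</wsse:KeyIdentifier>"
        "</wsse:SecurityTokenReference>"
        f"<wsc:Offset>{offset}</wsc:Offset><wsc:Length>{length}</wsc:Length>"
        f"<wsc:Nonce>{base64.b64encode(nonce).decode()}</wsc:Nonce>"
        "</wsc:DerivedKeyToken>"
    )


def round_trip(ephemeral_key: bytes, req_nonce: bytes, resp_nonce: bytes):
    """Client derives the request key; server derives a fresh response key from the same
    ephemeral key; client re-derives it from the DerivedKeyToken parameters."""
    request_key = derive_key(ephemeral_key, req_nonce)
    server_response_key = derive_key(ephemeral_key, resp_nonce)
    client_response_key = derive_key(ephemeral_key, resp_nonce)  # client already holds the key
    return request_key, server_response_key, client_response_key
```

Because the response's derived key is looked up by the SHA-1 of the EncryptedKey the client itself sent, the server must keep that ephemeral key for the lifetime of the exchange and reject references to unknown or expired keys.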
