CXF supports referencing X.509 tokens via Thumbprint KeyIdentifier references. I don't know why a section on thumbprint references was removed from a draft version of the spec.
Colm. On Tue, Mar 11, 2014 at 2:12 PM, COURTAULT Francois < [email protected]> wrote: > Sorry to ask again but I haven't received any response yet ... > > Best Regards. > > -----Original Message----- > From: COURTAULT Francois > Sent: lundi 10 février 2014 10:35 > To: '[email protected]' > Cc: '[email protected]' > Subject: RE: Blur between secpolicy 1.2 and X509 Token profile > > Hello guys, > > Any answer to my question ? > > Best Regards. > > -----Original Message----- > From: COURTAULT Francois > Sent: mercredi 5 février 2014 12:22 > To: [email protected] > Subject: Blur between secpolicy 1.2 and X509 Token profile > > Hello everyone, > > I am a little bit lost because In the security policy spec v1.2 ( > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.html), > there are several ways to reference a X509Token (§5.4.3) which are allowed: > * <sp:RequireKeyIdentifierReference ... /> ? > * <sp:RequireIssuerSerialReference ... /> ? > * <sp:RequireEmbeddedTokenReference ... /> ? > * <sp:RequireThumbprintReference ... /> ? > > But in the X509 Certificate Token Profile 1.1 draft ( > https://www.oasis-open.org/committees/download.php/13383/wss-v1.1-spec-pr-x509TokenProfile-01.htm#_Toc105230346), > the thumbprint references is described (§3.2.4) whereas in the final specs > either at > http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-x509TokenProfile.pdfor at > http://docs.oasis-open.org/wss-m/wss/v1.1.1/wss-x509TokenProfile-v1.1.1.html, > this section has disappeared. > > Do you know any reason for that ? Is the thumbprint reference still > supported by the spec ? > > Best Regards. > > This message and any attachments are intended solely for the addressees > and may contain confidential information. Any unauthorized use or > disclosure, either whole or partial, is prohibited. > E-mails are susceptible to alteration. Our company shall not be liable for > the message if altered, changed or falsified. If you are not the intended > recipient of this message, please delete it and notify the sender. > Although all reasonable efforts have been made to keep this transmission > free from viruses, the sender will not be liable for damages caused by a > transmitted virus > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
