In my STS implementation, my RST messages are expected to contain a UseKey 
element with an X.509 certificate, something like this:

<UseKey>
  <ds:KeyInfo>
    <ds:X509Data>
      <ds:X509Certificate>some-encoded-cert</ds:X509Certificate>
    </ds:X509Data>
  </ds:KeyInfo>
</UseKey>

This works fine, mostly. But it does not work if the certificate is 
provided as a BinarySecurityToken, e.g.,

<UseKey>
  <wsse:BinarySecurityToken EncodingType="..."
      ValueType="...">some-encoded-cert</wsse:BinarySecurityToken>
</UseKey>


It's the same info either way, but I had thought that UseKey should accept 
a BST. Is this an issue with the STS, or an issue with my understanding?

Thanx,


Stephen W. Chappell
