Helloin asymmetric bindings, i never quite understand why sometimes encryption is done DIRECTLY with receipient's certificate and sometimes with an EncryptedKey protected with receipient's certificate.http://docs.oasis-open.org/ws-sx/security-policy/examples/ws-sp-usecases-examples.htmlExamples 2.13 and 2.2.1 use exactly the same policy (let appart the username token in the first example) and still, in the rel messages, the first encrypts directly with the certificate and the secon example passes through an intermediary key (of course protected with receipient's certificate).Thanks.
-- Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
