On Wed, 2012-03-14 at 16:34 +0000, Colm O hEigeartaigh wrote: > This is not valid according to the spec: > > ENC_KEY_INFO - an element named ds:KeyInfo, included as a child of an > ENCRYPTED_KEY or ENCRYPTED_DATA. > > R5426 Any ENC_KEY_INFO MUST contain a child SECURITY_TOKEN_REFERENCE.
Ok, so I guess this isn't the right way to encrypt a message with a symmetric key. Do you know if there's a way to configure WSS4J to achieve this in a Basic Profile compliant way? -- Giovanni Bussu
