X509Data in X509IssuerSerial missing ?

[Denis Koelewijn]

Hi,

When using IssuerSerial instead of DirectReference, siging key info is sent in the KeyInfo block as shown below:

<ds:KeyInfo Id="KeyId-283976">
<wsse:SecurityTokenReference xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-8055815"><ds:X509IssuerSerial>
<ds:X509IssuerName>CN=OASIS Interop Test CA,O=OASIS</ds:X509IssuerName>

<ds:X509SerialNumber>68652640310044618358965661752471103644</ds:X509SerialNumber>
</ds:X509IssuerSerial></wsse:SecurityTokenReference>
</ds:KeyInfo>

According to these documents (*1) the X509IssuerSerial must be enclosed in a X509Data block. However I can't find this block in de ds .xsd (*2). Is WSS4J behaving correctly ? I Use WSS4J v1.1.0 with Axis v1.2.1

Regards, Denis Koelewijn

(*1) oasis-200401-wss-x509-token-profile-1.0.pdf, and wss-v1.1-spec-os-x509TokenProfile.pdf
(*2) http://www.w3.org/2000/09/xmldsig#