On 10/9/06, sergio salvi <[EMAIL PROTECTED]> wrote:
Which is the difference between the 3 values of the field 'encryptionKeyIdentifier' in the wsdd file? I've read the documentation at http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/WSConstants.html but I still have some doubts. There it's written : "The encryption method uses the private key associated with this certificate to encrypr the symmetric key used to encrypt data". My
IMHO this should be corrected to say : "The encryption method uses the *public* key associated with this certificate to encrypr the symmetric key used to encrypt data" Thanks, Ruchith
doubt is: if it uses the private key to encrypt the symmetric key anyone can decrypt it using the public key associated with the certificate and so anyone can get the value of the symmetric key and can decrypt the data. If this is true where is the security? __________________________________________________ Do You Yahoo!? Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi http://mail.yahoo.it --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- www.ruchith.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
