Welcome!

Aaron Flint

Subscribe to Aaron Flint: eMailAlertsEmail Alerts
Get Aaron Flint via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Aaron Flint

The WS Secure Conversation specification describes a mechanism letting multiple parties establish a context (using the WS Trust Request Security Token standard) and secure subsequent SOAP exchanges. Each WS Secure Conversation session has an associated shared secret. Instead of using this shared secret directly to sign and encrypt the conversation's messages, symmetric keys are derived from the secret itself. Deriving new keys for each message and different keys for signature and encryption limits the amount of data that an attacker can analyze in attempting to compromise the context. Derived Key Tokens are tokens in a SOAP Security Header that refer to the derived keys. Using the context's shared secret and hints provided by the Derived Key Token element, the message's recipient derives the key used by the requestor either to verify a signature or decrypt parts of t... (more)