http://aaronflint.sys-con.com/ Latest News from Aaron Flint en Copyright 2009 Ulitzer.com Ulitzer.com Fri, 27 Nov 2009 21:47:06 EST http://backend.userland.com/rss 360 http://aaronflint.sys-con.com/node/204424 The WS Secure Conversation specification describes a mechanism letting multiple parties establish a context (using the WS Trust Request Security Token standard) and secure subsequent SOAP exchanges. Each WS Secure Conversation session has an associated shared secret. Instead of using this shared secret directly to sign and encrypt the conversation's messages, symmetric keys are derived from the secret itself. Deriving new keys for each message and different keys for signature and encryption limits the amount of data that an attacker can analyze in attempting to compromise the context.<p><a href="http://aaronflint.sys-con.com/node/204424" target="_blank">read more</a></p> Mon, 17 Apr 2006 11:15:00 EDT http://aaronflint.sys-con.com/node/204424 http://aaronflint.sys-con.com/node/204424#feedback