Date: Wed, 15 Apr 2015 10:32:59 +0000 (UTC)
From: "Colm O hEigeartaigh (JIRA)"
To: dev@ws.apache.org
Reply-To: dev@ws.apache.org
Subject: [jira] [Resolved] (WSS-533) Also use signing key when trying to detect message replay attacks

[ https://issues.apache.org/jira/browse/WSS-533?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved WSS-533.
-------------------------------------
    Resolution: Fixed

> Also use signing key when trying to detect message replay attacks
> -----------------------------------------------------------------
>
>                 Key: WSS-533
>                 URL: https://issues.apache.org/jira/browse/WSS-533
>             Project: WSS4J
>          Issue Type: Improvement
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.0.4, 1.6.19, 2.1.0
>
>
> Currently we use the Timestamp created value + signature value as a key to avoid message replay attacks. However it's possible that we could have two signatures in the security header that sign the Timestamp, but with different keys. This task is to add the hashed encoded version of the key as part of the caching key to allow for this scenario.
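
The cache identifier described in the issue, as an added example that is not part of the original message and is not WSS4J's code: it combines the Timestamp Created value, the signature value and a digest of the encoded verification key. The class and method names, the `|` separator, the five-minute lifetime and the choice of SHA-256 for the "hashed" key are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.concurrent.ConcurrentHashMap;

// Added illustration, not WSS4J code; all names here are hypothetical.
public class ReplayCacheExample {
    private final ConcurrentHashMap<String, Instant> seen = new ConcurrentHashMap<>();

    // Identifier = Timestamp Created + signature value + digest of the encoded key.
    static String identifier(String created, byte[] signatureValue, Key key)
            throws GeneralSecurityException {
        byte[] encoded = key.getEncoded();
        if (encoded == null) { // keys that cannot be exported have no encoded form
            throw new InvalidKeyException("signing key has no encoded form");
        }
        byte[] keyDigest = MessageDigest.getInstance("SHA-256").digest(encoded);
        Base64.Encoder b64 = Base64.getEncoder();
        return created + "|" + b64.encodeToString(signatureValue)
                + "|" + b64.encodeToString(keyDigest);
    }

    // True on the first sighting (which is recorded), false while the entry is live.
    boolean firstSighting(String id, Duration ttl) {
        Instant now = Instant.now();
        seen.values().removeIf(expiry -> expiry.isBefore(now)); // drop expired entries
        return seen.putIfAbsent(id, now.plus(ttl)) == null;
    }

    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    public static void main(String[] args) throws Exception {
        String created = "2015-04-15T10:32:59Z"; // constructed sample Created value
        byte[] ts = created.getBytes(StandardCharsets.UTF_8);
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair a = gen.generateKeyPair(), b = gen.generateKeyPair();
        ReplayCacheExample cache = new ReplayCacheExample();
        Duration ttl = Duration.ofMinutes(5);
        String idA = identifier(created, sign(a.getPrivate(), ts), a.getPublic());
        String idB = identifier(created, sign(b.getPrivate(), ts), b.getPublic());
        System.out.println("signature A:       " + cache.firstSighting(idA, ttl));
        System.out.println("signature B:       " + cache.firstSighting(idB, ttl));
        System.out.println("signature A again: " + cache.firstSighting(idA, ttl));
    }
}
```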