[ https://issues.apache.org/jira/browse/CXF-4145?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13278754#comment-13278754 ]

Sergey Beryozkin commented on CXF-4145:
---------------------------------------

We talked with Colm: XML Signature code is invoked in a 'secure' mode, which 
means the signature algorithms will be checked too, which, combined with the 
possibility to set the restricting properties, should meet many of the demands.

The only thing which is missing then is adding a check similar to the one used 
by the WS code to do a simplified WS-I Basic Security Profile-like check, 
specifically for the encryption algorithms. We can manage this enhancement a 
bit later on.
                
> Add the ability to restrict what algorithms were used for encryption/signature
> ------------------------------------------------------------------------------
>
>                 Key: CXF-4145
>                 URL: https://issues.apache.org/jira/browse/CXF-4145
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-RS Security
>            Reporter: Colm O hEigeartaigh
>            Assignee: Sergey Beryozkin
>             Fix For: 2.6.1, 2.5.4
>
>
> This task is to add some functionality on the inbound side to restrict what 
> algorithms can be used by the client. Examples include the symmetric and Key 
> Transport algorithms for encryption, and signature/c14n/digest algorithms for 
> signature. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
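
The inbound restriction this issue describes, as an added example that is not CXF code and does not use its API: it collects the signature, c14n, digest, symmetric and key transport algorithm URIs declared in a message and reports any outside an allow-list. The policy contents, the helper names `find_violations` and `sample`, and the sample message are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
XENC = "http://www.w3.org/2001/04/xmlenc#"
NS = {"ds": DS, "xenc": XENC}

# Assumed policy for this example; a deployment would set its own allow-list.
ALLOWED = {
    "signature": {"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"},
    "c14n": {"http://www.w3.org/2001/10/xml-exc-c14n#"},
    "digest": {XENC + "sha256"},
    "symmetric": {XENC + "aes256-cbc"},
    "key_transport": {XENC + "rsa-oaep-mgf1p"},
}

# Where each algorithm role named in the issue is declared in the message.
ROLES = {
    "signature": ".//ds:SignedInfo/ds:SignatureMethod",
    "c14n": ".//ds:SignedInfo/ds:CanonicalizationMethod",
    "digest": ".//ds:Reference/ds:DigestMethod",
    "symmetric": ".//xenc:EncryptedData/xenc:EncryptionMethod",
    "key_transport": ".//xenc:EncryptedKey/xenc:EncryptionMethod",
}

def find_violations(xml_text, allowed=ALLOWED):
    """Return sorted (role, algorithm) pairs that the allow-list rejects."""
    holder = ET.Element("holder")  # wrapper so the paths also match the root
    holder.append(ET.fromstring(xml_text))
    bad = set()
    for role, path in ROLES.items():
        for el in holder.findall(path, NS):
            alg = el.get("Algorithm")
            if alg not in allowed[role]:  # a missing attribute fails closed
                bad.add((role, alg or "<missing>"))
    return sorted(bad)

def sample(sig, digest, sym, kt):
    """Constructed message skeleton: algorithm declarations only, no key material."""
    return f"""<Doc xmlns:ds="{DS}" xmlns:xenc="{XENC}">
 <ds:Signature><ds:SignedInfo>
  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <ds:SignatureMethod Algorithm="{sig}"/>
  <ds:Reference URI=""><ds:DigestMethod Algorithm="{digest}"/></ds:Reference>
 </ds:SignedInfo></ds:Signature>
 <xenc:EncryptedData><xenc:EncryptionMethod Algorithm="{sym}"/>
  <ds:KeyInfo><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="{kt}"/>
  </xenc:EncryptedKey></ds:KeyInfo></xenc:EncryptedData>
</Doc>"""
```

A check of this kind belongs before signature verification or decryption is attempted, and untrusted input should go through a hardened XML parser first.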

        
