Professional Documents
Culture Documents
Wss v1.1 Spec PR x509TokenProfile 01
Wss v1.1 Spec PR x509TokenProfile 01
Prefix Namespace
S12 http://www.w3.org/2003/05/soap-envelope
ds http://www.w3.org/2000/09/xmldsig#
xenc http://www.w3.org/2001/04/xmlenc#
wsse http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
wsse11 http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd
wsu http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
249
250 The <wsse:SecurityTokenReference> element from which the reference is made contains a
251 <wsse:KeyIdentifier> element. The <wsse:KeyIdentifier> element MUST have a
252 ValueType attribute with the value or http://docs.oasis-
253 open.org/wss/2005/xx/oasis-2005xx-wss-soap-message-security-
254 1.1#ThumbprintSHA1 and its contents MUST be the thumbprint for the desired certificate . If
255 the certificate does not contain a X.509 Thumbprint extension, then one is computed as the SHA1
256 of the raw octets which would be encoded within the <wsse:BinarySecurityToken> element
257 were it to be included. The thumbprint is encoded as per the <wsse:KeyIdentifier>
258 element's EncodingType attribute. The default encoding is Base64. Implementations compliant
259 with this specification MAY support such a certificate reference mechanism.