Key Transport Algorithm for XML Encryption
cantor.2 at osu.edu
Mon Nov 28 20:48:32 GMT 2011
On 11/28/11 4:46 PM, "shibboleth at krugs.org" <shibboleth at krugs.org> wrote:
>I am trying to interoperate with a Service Provider that does
>not support RSA_OAEP, so if it is still true could someone
>provide a quick pointer to the where in Java IDP code I should
>look to tweak this.
Note that that there are some potential weaknesses in 1.5 that relying
parties have to mitigate.
I believe the setting is in one of the lower level jars, probably
xmltooling. Best thing would be to search for the constant, or a reference
to the constant as defined by xmlsec.
More information about the users