Hi,
What is the recommended way to use WS-Security (at least for VOSpace): are we only concerned with the client sending and the server receiving secure messages or are we expecting that the server will also respond with secure messages and the client receive them?
I also assume that we are using the "direct reference" method where the client's individual certificate is included in the signed message; otherwise a user will have to preregister their certificate with a service before they can use it (the "issuer-serial" method).
Cheers,
Matthew Received on 2006-10-25Z09:10:30