0007558: Does IdentityCriteriaType Application require a secure connection

ID	Project	Category	View Status	Date Submitted	Last Update

0007558	10000-018: Role-Based Security	Spec	public	2022-01-16 19:02	2022-02-22 16:23

Reporter	Matthias Damm	Assigned To	Matthias Damm
Priority	normal	Severity	major	Reproducibility	have not tried
Status	closed	Resolution	fixed
Product Version	1.05.00
Target Version	1.05.01 RC1

Summary	0007558: Does IdentityCriteriaType Application require a secure connection
Description	Does IdentityCriteriaType Application require a secure connection – otherwise the application identity cannot be verified
Tags	No tags attached.

Commit Version
Fix Due Date

Matthias Damm 2022-02-15 21:04 developer ~0016020	Extended The Client Certificate shall be trusted by the Server. to The Client Certificate shall be trusted by the Server and the Session shall use at least a signed communication channel. It makes no sense to allow application authentication if the applicaiton authentication was not verified in the case of a NONE channel.

Randy Armstrong 2022-02-22 16:23 administrator ~0016065	Reviewed in WG meeting.

Date Modified	Username	Field	Change
2022-01-16 19:02	Matthias Damm	New Issue
2022-02-08 17:43	Jim Luth	Assigned To	=> Matthias Damm
2022-02-08 17:43	Jim Luth	Status	new => assigned
2022-02-15 21:04	Matthias Damm	Status	assigned => resolved
2022-02-15 21:04	Matthias Damm	Resolution	open => fixed
2022-02-15 21:04	Matthias Damm	Note Added: 0016020
2022-02-22 16:23	Randy Armstrong	Status	resolved => closed
2022-02-22 16:23	Randy Armstrong	Note Added: 0016065