6 Appendix A: Product Behavior

  • Article

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include updates to those products.

The terms "earlier" and "later", when used with a product version, refer to either all preceding versions or all subsequent versions, respectively. The term "through" refers to the inclusive range of versions. Applicable Microsoft products are listed chronologically in this section.

Windows Client

  • Windows XP operating system Service Pack 2 (SP2)

  • Windows Vista operating system

  • Windows 7 operating system

  • Windows 8 operating system

  • Windows 8.1 operating system

  • Windows 10 operating system

  • Windows 11 operating system

Windows Server

  • Windows Server 2003 operating system with Service Pack 1 (SP1)

  • Windows Server 2008 operating system

  • Windows Server 2008 R2 operating system

  • Windows Server 2012 operating system

  • Windows Server 2012 R2 operating system

  • Windows Server 2016 operating system

  • Windows Server operating system

  • Windows Server 2019 operating system

  • Windows Server 2022 operating system

  • Windows Server 2025 operating system

Exceptions, if any, are noted in this section. If an update version, service pack or Knowledge Base (KB) number appears with a product name, the behavior changed in that update. The new behavior also applies to subsequent updates unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms "SHOULD" or "SHOULD NOT" implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term "MAY" implies that the product does not follow the prescription.

<1> Section 2.2.1.7.1.1: On Windows, an implementation of the Lightweight Web Services Security Profile does not support the following values:

  • http://www.w3.org/2000/09/xmldsig#rsa-sha1

  • http://www.w3.org/2000/09/xmldsig#dsa-sha1

  • http://www.w3.org/2001/04/xmldsig-more#rsa-sha256

  • http://www.w3.org/2001/04/xmldsig-more#rsa-sha384

  • http://www.w3.org/2001/04/xmldsig-more#rsa-sha512

<2> Section 3.1: On Windows, an implementation of the Lightweight Web Services Security Profile does not specify additional protocols.

<3> Section 3.1.4.1: On Windows, an implementation of the Lightweight Web Services Security Profile returns an error code to the application.

<4> Section 3.1.5: On Windows, an implementation of the Lightweight Web Services Security Profile returns an error code to the application.

<5> Section 3.1.5.2.1: In Windows XP SP2, Windows Server 2003 with SP1, Windows Vista and later, and Windows Server 2008 and later, an implementation of the Lightweight Web Services Security Profile returns an error code to the application if the message specifies the "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal" action. 

<6> Section 3.1.5.2.1: In Windows XP SP2, Windows Server 2003 with SP1, Windows Vista and later, and Windows Server 2008  and later, an implementation of the Lightweight Web Services Security Profile returns an error code to the application if the message specifies the "http://docs.oasis-open.org/wssx/wstrust/200512/Bearer" or "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer" element values.

<7> Section 3.1.5.2.4: On Windows, an implementation of the Lightweight Web Services Security Profile ignores the contents of the message.

<8> Section 3.2: On Windows, an implementation of the Lightweight Web Services Security Profile does not specify additional protocols.

<9> Section 3.2.4.1: On Windows, an implementation of the Lightweight Web Services Security Profile returns an error code to the application.

<10> Section 3.2.5: On Windows, an implementation of the Lightweight Web Services Security Profile returns an error code to the application.