wsse plain text password

using pub.soap.utils:stringToSoapData and a plain text wsse password it seems to require the nonce created date/time be equal to the security token expires date/time. If the nonce created date/time is equal to the security token created time pub.soap.utils:stringToSoapData throws an invalid soap header error.

Is this intended or a bug?