Subject: RE: [ebxml-msg-as4] CEM for AS4
From: Timothy Bennett [mailto:timothy@drummondgroup.com]

Let me preface this by clearly
stating that this is *not* a proposal for a new feature to be added to AS4 at
the 11th hour. But, it is a survey of opinion and thoughts...

I assume you mean that implementations are required to support. It
is OK but it will need some profiling or maybe a new informational RFC to work.
Remember that the signature on CEM is CMS (pkcs7-like) while AS4 will be
using XMLDigitalSignature and XMLEncryption as profiled by WSS. Also the
required metadata values will differ between AS2 and AS4.

WS-Trust is in the ballpark but actually goes a bit beyond what CEM
does (which mainly provides a renewal of expired certificate service).

“In this specification we define extensions to [WS-Security]
that provide:
· Methods for issuing, renewing, and validating security tokens.
· Ways to establish, assess the presence of, and broker trust relationships.
Using these extensions, applications can engage in secure communication
designed to work with the general Web services framework, including WSDL
service descriptions, UDDI businessServices and bindingTemplates, and [SOAP]
[SOAP2] messages. To achieve this, this specification introduces a number of
elements that are used to request security tokens and broker trust
relationships.”

WS-Trust has not been subject to WSI directly at this point. An
updated version is just now being approved.
Defer to Ric. But… It will probably be a full rewrite or reuse with refactoring
at best. Not huge, but not trivial. And we would need to agree on the approach
first and then maybe a scope of effort could be estimated. Maybe we could have
the EU requirements stated up front so we see whether it would be quicker to
write something from scratch, cut and paste CEM into CEM for AS4, or explore
ws-trust. WS-trust is in the spirit of the design goals of ebMS 3, which
was to be a b2b set of functionality based on ws-splat defined elements.

Dale

Timothy