[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Relevant comment posted on OASIS TC WS-SX list concerning policy domain assertions relevant to WSS security usage
http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/200702/msg00008.html that requests:
Add to sp:SignedParts and sp:EncryptedParts sp:SignedParts/Attachment and sp:EncryptedParts/Attachment respectively.
and was submitted by Frederick Hirsch of Nokia
{As far as I can tell it is public or OASIS member accessible link }
The remaining policy features that are not documented pertain to whether signing should be done before or after encryption.
Concerns that pertain to this policy selection are replay/reuse (potential cut and paste of signed material and signature), traffic analysis (if identity is revealed by signature), etc.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]