

Subject: RE: [ebxml-msg] Schema problem with encryption in the AS4 draft



Hello Theo,

Two comments:

1)  I think we should simplify this and say that the
eb:Messaging header should never be encrypted.  A capability
to selectively encrypt parts of a message header seems
neither simple to implement nor something that would rank
highly (if at all) on a list of required features for the
market we want to address with AS4.  

If confidentiality is important peer-to-peer (no
intermediaries), transport security could be, and usually is,
used.
If confidentiality is important end-to-end (across
intermediaries), then simple guidelines (e.g. don't use the
credit card number of your customer as the ConversationId of
a message) and proper access controls, audits etc. of the
intermediaries in practice cover virtually all remaining
cases.

2)  The eb:Messaging element already has an optional "id"
attribute of type xsd:ID.  At least one XML schema engine
does not allow a wsu:Id to be added to eb:Messaging even if
that "id" attribute is not present:

cvc-complex-type.5.2: In element 'eb3:Messaging', attribute
'Id' is a Wild ID. But there is already an attribute 'id'
derived from ID among the {attribute uses}.  

Now, although the WS-I BSP says to use "wsu:Id" preferentially
(SHOULD), this still allows the use of the "id" attribute.
So my assumption was that the header should be identified
using the "id" attribute to make sure the header is schema
valid.  Does your WS-Security processor support this?  The
SOAP Body element would be identified using a wsu:Id.

I agree we want to allow schema validation for the full SOAP
header. 

Pim
 

-----Original Message-----
From: Theo Kramer [mailto:theo@flame.co.za] 
Sent: 17 May 2011 11:08
To: ebxml-msg@lists.oasis-open.org
Subject: [ebxml-msg] Schema problem with encryption in the AS4 draft

I have received the following from Mike O'Connell (senior
developer) involved in implementing our AS4 light client and
adapting our MSH for AS4 support.

The server has strict XML Schema validation ON and this has
raised a question (and a number of exceptions):

The WSS 1.1 spec allows for arbitrary XML elements to be
encrypted and signed however the ebMS schema
('ebms-header-3_0-200704.xsd') does not.

The only element that allows for insertion of the 'wsu:id'
attribute is 'eb:Messaging' since it has the
'headerExtension' attribute (which allows for
'xsd:anyAttribute'), 'wsu:id' is the ID reference used when
applying WSS1.1 security to arbitrary elements. 

Now - I cannot encrypt the entire 'eb:Messaging' element
because of the following from AS4-profile draft and in
reference to ebMS v3.0, Section 7.4:

AS4 MSH implementations are(sic) SHALL NOT encrypt the
eb:PartyInfo section of the eb:Messaging header. Other child
elements of the eb:Messaging header MAY be encrypted or left
unencrypted as defined by trading partner agreements or
collaboration profiles.

The only way to bypass this issue is to turn XML Schema
validation OFF, which defeats the whole purpose of XML
Schema in the first place.

Your comments/input on this appreciated...

--
Regards
Theo
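Pim's question above, whether a WS-Security processor can dereference the eb:Messaging header by its schema-declared "id" attribute while the SOAP Body carries a wsu:Id, comes down to how same-document ds:Reference URIs are resolved. The following is an added illustration, not code from either message or from any ebMS/AS4 implementation: it resolves each reference by wsu:Id or xml:id on any element, and by the plain "id" attribute only on eb:Messaging (the one element whose schema declares that attribute as xsd:ID), rejecting references that match zero or several elements. The SOAP envelope is a constructed sample; the namespace URIs are the real ones.

```python
import xml.etree.ElementTree as ET

SOAP12 = "http://www.w3.org/2003/05/soap-envelope"
EB = "http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DS = "http://www.w3.org/2000/09/xmldsig#"

WSU_ID = "{%s}Id" % WSU
XML_ID = "{http://www.w3.org/XML/1998/namespace}id"
EB_MESSAGING = "{%s}Messaging" % EB

# Constructed sample envelope (not taken from the thread): the ebMS header is
# identified by its schema-declared "id", the Body by wsu:Id.  The security
# header is trimmed to the ds:Reference elements this example resolves.
SAMPLE_ENVELOPE = """<s12:Envelope
    xmlns:s12="http://www.w3.org/2003/05/soap-envelope"
    xmlns:eb="http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <s12:Header>
    <eb:Messaging id="_ebmessaging" s12:mustUnderstand="true">
      <eb:UserMessage>
        <eb:MessageInfo>
          <eb:Timestamp>2011-05-17T11:08:00Z</eb:Timestamp>
          <eb:MessageId>constructed-message-id@sample.invalid</eb:MessageId>
        </eb:MessageInfo>
      </eb:UserMessage>
    </eb:Messaging>
    <wsse:Security s12:mustUnderstand="true">
      <ds:Signature>
        <ds:SignedInfo>
          <ds:Reference URI="#_ebmessaging"/>
          <ds:Reference URI="#_body"/>
        </ds:SignedInfo>
      </ds:Signature>
    </wsse:Security>
  </s12:Header>
  <s12:Body wsu:Id="_body">
    <payload>constructed sample payload</payload>
  </s12:Body>
</s12:Envelope>
"""


def id_attributes(elem):
    """Return the attribute names on elem that a signature URI may refer to.

    wsu:Id and xml:id are the usual WS-Security choices.  A plain "id"
    attribute is an ID only where the schema declares it as xsd:ID, which the
    ebMS header schema does for eb:Messaging alone; undeclared "id" attributes
    on other elements are deliberately not treated as IDs.
    """
    names = [n for n in (WSU_ID, XML_ID) if n in elem.attrib]
    if elem.tag == EB_MESSAGING and "id" in elem.attrib:
        names.append("id")
    return names


def resolve_reference(root, uri):
    """Resolve a same-document ds:Reference URI ("#value") to exactly one element.

    Returns (element, attribute_name).  Zero or several matches are rejected:
    an ambiguous ID leaves it undefined which element the signature covers.
    """
    if not uri.startswith("#"):
        raise ValueError("only same-document references are supported: %r" % uri)
    wanted = uri[1:]
    matches = []
    for elem in root.iter():
        for name in id_attributes(elem):
            if elem.get(name) == wanted:
                matches.append((elem, name))
    if len(matches) != 1:
        raise ValueError("reference %r matched %d elements" % (uri, len(matches)))
    return matches[0]


def signed_elements(xml_text):
    """Map each ds:Reference URI to (local name of the element, ID attribute used)."""
    root = ET.fromstring(xml_text)
    result = {}
    for ref in root.iter("{%s}Reference" % DS):
        uri = ref.get("URI")
        elem, attr = resolve_reference(root, uri)
        local_name = elem.tag.rsplit("}", 1)[-1]
        attr_local_name = attr.rsplit("}", 1)[-1]
        result[uri] = (local_name, attr_local_name)
    return result


if __name__ == "__main__":
    for uri, (name, attr) in signed_elements(SAMPLE_ENVELOPE).items():
        print("%s -> %s (via %s)" % (uri, name, attr))
```

Moving the plain "id" attribute onto any element other than eb:Messaging makes the corresponding reference unresolvable, which is the behaviour a strictly schema-aware processor should have: only IDs the schema actually declares count as signature targets.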

