[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (EBXMLMSG-28) 5.1.7 State required attachment transform for encryption
[ https://issues.oasis-open.org/browse/EBXMLMSG-28?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=69315#comment-69315 ] Sander Fieten commented on EBXMLMSG-28: --------------------------------------- To align section 5.1.7 with 5.1.5 on signing of SwA messages I propose to use two profiling rules here as well: (a) AS4 MSH implementations are REQUIRED to use the Attachment-Content-Only transform as defined in [WSS11-SWA] when encrypting SOAP with Attachments messages [SOAPATTACH]. The Attachment-Complete transform is not supported by this profile. (b) AS4 MSH implementations are REQUIRED to encrypt the MIME Body parts of included payloads. If and only if a payload is contained in the SOAP Body the SOAP Body MUST be encrypted as well. The SOAP header including the eb:Messaging header SHALL NOT be encrypted. > 5.1.7 State required attachment transform for encryption > -------------------------------------------------------- > > Key: EBXMLMSG-28 > URL: https://issues.oasis-open.org/browse/EBXMLMSG-28 > Project: OASIS ebXML Messaging Services TC > Issue Type: Improvement > Components: AS4 Profile > Reporter: Sander Fieten > > Section 5.1.7 does not mention which transforms must be supported. Similar to signing (see also issue 25) the AS4 profile should require support only for the Content-Only transform (indicated by URI : http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Only). -- This message was sent by Atlassian JIRA (v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]