[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Simple Binding using xmlsig and xmlenc
Hi TC members, I want to continue the discussion on bindings from last week. As we have been discussing, it makes sense to have bindings associated with the specification - currently, we have identified the - Soap Binding - Mutual TLS Binding In addition to this, I am wondering if we should add in a simple binding with xml signature and encryption. It just reuses the concepts from the soap-wss binding and tls binding. We need to consider message integrity and confidentiality. Now, in simple binding, a request for a key would look as follows: ================= <ekmi:SymkeyRequest xmlns:ekmi=”http://docs.oasis-open.org/ekmi/2008/01";> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo>... </ds:SignedInfo> </ds:Signature> <ekmi:GlobalKeyID>10514-0-0</ekmi:GlobalKeyID> .... </ekmi:SymkeyRequest> The key response would look something like this: <ekmi:SymkeyResponse xmlns:ekmi='http://docs.oasis-open.org/ekmi/2008/01' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo>... </ds:SignedInfo> </ds:Signature> <ekmi:Symkey> .... <xenc:CipherData> <xenc:CipherValue> E9zWB/y93hVSzeTLiDcQoDxmlNxTuxSffMNwCJmt1dIqzQHBnpdQ81g6DKdkCFjJM hQhywCx9sfYjv9h5FDqUiQXGOca8EU871zBoXBjDxjfg1pU8tGFbpWZcd/ATpJD/2fw UJow/qimxi8+huUYJMtaGHtXuLlWtx27STRcRpIsY= </xenc:CipherValue> </xenc:CipherData> </ekmi:Symkey> </ekmi:SymkeyResponse> The integrity is checked via the xml signature where as the keys are encrypted using xml encryption as before. This binding allows implementations to operate in a secure protected environment. Regards, Anil
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]