[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Issue i016 sp:SignedParts mechanism
Description Section 4.1.1 SignedParts provides a mechanism to specify which "parts" of a message are required to be integrity protected. The current text indicates that, for the sp:SignedParts element, "If no child elements are specified, all message headers targeted at the UltimateReceiver role [SOAP12] or actor [SOAP11] and the body of the message MUST be integrity protected." However, it isn't clear whether sp:Header elements, when specified, impact all matching header elements or only those targeted at the UltimateReceiver. Also, there is currently no way to specify that a header not targeted to UltimateReceiver must be signed. Proposal @ Line 575 Syntax <sp:SignedParts ... > <sp:Body />? <sp:Header Name="xs:NCName"? Namespace="xs:anyURI" Target="xs:anyURI" ... />* ... </sp:SignedParts> @ Line 599 /sp:SignedParts/sp:Header/@Name This optional attribute indicates the local name of the SOAP header to be integrity protected. If this attribute is not specified, all SOAP headers whose namespace and target match the Namespace and Target attributes are to be protected. /sp:SignedParts/sp:Header/@Namespace This required attribute indicates the namespace of the SOAP header(s) to be integrity protected. /sp:SignedParts/sp:Header/@Target This optional attribute indicates the role [SOAP12] or actor [SOAP11] of the SOAP header(s) to be integrity protected. If this attribute is not specified, all SOAP headers targeted at the UltimateReceiver role [SOAP12] or actor [SOAP11] whose namespace matches the Namespace attribute are to be protected.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]