OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-sx] Issue PR020: Provide mechanism to specify signing orencryption of SwA (SOAP Messages with Attachments)

Hi Frederick,

I took an action item on the last TC call to look more into your proposal below.

In general, I agree with the proposed solution since message attachments are generally considered as parts of the message. However I wonder what is your proposal for identifying individual attachments? Since WS-SP does not depend on WSDL and is WSDL agnostic it is not clear to me how the attachment parts are distinguished if there is more than one attached to the message so that the individual attachments can be mapped to the respective protection assertion "attachment" elements in the receiver's security policy. Or is your proposal to uniformly protect all the message attachments by using a single "attachment" element?

Thanks,
--Jan


-----Original Message-----
From: Greg Carpenter [mailto:gregcarp@microsoft.com]
Sent: Monday, February 12, 2007 7:16 AM
To: ws-sx@lists.oasis-open.org
Cc: Frederick Hirsch
Subject: [ws-sx] Issue PR020: Provide mechanism to specify signing or encryption of SwA (SOAP Messages with Attachments)

Issue PR020

-----Original Message-----
From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com]
Sent: Sunday, February 11, 2007 8:09 AM
To: WS-SX OASIS
Cc: Hirsch Frederick; Carpenter Greg
Subject: [ws-sx] NEW Issue: Provide mechanism to specify signing or encryption of SwA (SOAP Messages with Attachments)

PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL
THE ISSUE IS ASSIGNED A NUMBER.

The issues coordinators will notify the list when that has occurred.

Protocol:  ws-securitypolicy
http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/21401/
ws-securitypolicy-1.2-spec-cd-01.pdf

Artifact:  spec

Type:  design
Title: No means to express need to secure SOAP Messages with
Attachments (SwA)

Description:

The current specification provides no mechanism to express the
requirement to secure SOAP Messages with Attachments (SwA).

Related issues:
None.
Proposed Resolution:

Add to sp:SignedParts and sp:EncryptedParts sp:SignedParts/Attachment
and sp:EncryptedParts/Attachment respectively.

regards, Frederick

Frederick Hirsch
Nokia

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]