Yes, I
noted this previously and it will be in the next revision.
I am
taking over as Interop Scenario editor and have a new format which specifies
these scenarios in more detail.
Hal
Chris,
Should the
<xenc:EncryptedData> element precede the <xenc:EncryptedKey>
element in the header of the SOAP message in the second scenario example? We
are trying out our implementation and thought that the proper order would have
been to have the key first and then the data since the processing rules would
have been something like: add username/password token, then encrypt it and
then add the key which would result in an order of: <xenc:EncryptedKey/>
then <xenc:EncryptedData>.
from draft 11
(merged) lines 954...
When a sender or an
intermediary encrypts portion(s) of a SOAP message using XML Encryption they MUST
prepend a sub-element to the <wsse:Security>
header block. Furthermore, the encrypting party MUST
prepend the sub-element into the <wsse:Security> header block for
the targeted recipient that is expected to decrypt these encrypted portions.
-Eric
Revised based on discussions from
Tuesday's call
|