[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wss] SOAP MustUnderstand issue
> Not seeing value in this as these sub-elements have the same mustUnderstand > semantics associated with the wsse:Security header by default The originator sends a message without mU set. An intermediary adds to the WSS header and element that needs mU (such as one containing the "notAfter" element mentioned yesterday). Now what happens? Should that intermediary force mU on the global WSS element? Should that intermediary have the "right" to impose header-wide semantics that conflict with the security policy of the originator? I think the answers should be no, therefore we need finer grain. /r$ -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]