[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Additional SwA Interop Issues
> Do you agree?
Looks okay to me but I would prefer to hear from the Interop participants.
Paul Cotton, Microsoft Canada From:
Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com]
Paul
Section 4.5.2 item #4 reads as follows in the latest draft (draft 14) of the SwA profile:
"Set the <xenc:EncryptedData> MimeType attribute to match the attachment MIME part Content-Type header before encryption when Content-Only URI is specified for the Type attribute value. The MimeType attribute value may also be set when the AttachmentComplete Type attribute value is specified."
When content-only encryption is used the original mime-type header will be replaced by the mime-type for the cipherdata, so the original MIME Type needs to be preserved. When the headers are included in the encrypted data then this is not required and I re-worded this item to make this clear.
I believe issue #2 should be closed. Do you agree?
regards, Frederick
From: ext Paul Cotton [mailto:pcotton@microsoft.com] Blake: Thanks for the feedback.
Frederick: Can you point us to the changes you made in the current OASIS SwA document so that we can easily flatten issue#2 at the next TC meeting?
/paulc
Paul Cotton, Microsoft Canada From: Blake Dournaee
[mailto:blake@sarvega.com]
Paul –
I believe that Frederick has already added text to the latest draft of SwA Profile for issue #1
For issue #2, this was a typo in the examples used in the SwA Profile Interoperability Scenarios. The Id for <EncryptedData> should not have had a wsu: prefix. I don’t believe we need clarifying text unless others disagree with me.
Thanks,
Blake
From: Paul Cotton [mailto:pcotton@microsoft.com]
> 1. The Specification of MimeType attribute is optional when content as well as headers of the attachment are being encrypted. The phrasing in the current draft of SwA Profile makes it seem that MimeType is required for either transforms (Section 4.4.2, Step 4)
Can you propose exact replacement text that is acceptable to the Interop participants to fix this issue?
>2. The Id Attribute for <EncrryptedData> should not have a namespace qualifier (e.g. “wsu”) because it falls under the XML Encryption spec and not WS-Security
Does this mistake occur in any examples in the specification or was just an error in one of the implementations? If the latter I wonder what if anything we need to do in the spec? Again is there specific additional text that you would propose?
/paulc Paul Cotton, Microsoft Canada From: Blake Dournaee
[mailto:blake@sarvega.com]
All,
Here are two more minor issues that we encountered during the first interoperability event:
Thanks,
Blake Dournaee Senior Security Architect Sarvega, Inc. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]