[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Use of Decryption Transform
+1 > -----Original Message----- > From: Michael McIntosh [mailto:mikemci@us.ibm.com] > Sent: Monday, December 13, 2004 3:30 PM > To: wss@lists.oasis-open.org > Subject: [wss] Use of Decryption Transform > > > > > > > Unlike Hal, I think that the scenario described in section > 9.4 is relevant: > > "The ordering semantics of the <wsse:Security> header are > sufficient to > determine if signatures are over encrypted or unencrypted > data. However, > when a signature is included in one <wsse:Security> header and the > encryption data is in another <wsse:Security> header, the > proper processing > order may not be apparent. > If the producer wishes to sign a message that MAY > subsequently be encrypted > by an intermediary then the producer MAY use the Decryption > Transform for > XML Signature to explicitly specify the order of decryption." > > However, I agree with Hal that we do not want to require that > all consumers > implement code to untangle dependencies in the event that a producer > includes it. > > I propose that we remove this section and when time permits I > will generate > a profile submission for use of the Decryption Transform with WSS. > > > To unsubscribe from this mailing list (and be removed from > the roster of the OASIS TC), go to > http://www.oasis-open.org/apps/org/workgroup/wss/members/leave > _workgroup.php. > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]