OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [dss-x] Groups - Potential Requirements for ebXML / DSS Profile (EbXML-dss-requirements.doc) uploaded

Hello Juan Carlos,

As the document is partly based on a discussion between Nick and me, please
allow me to contribute to this discussion.

First of all, you are right that the document describes two different
scenarios, which could be two separate profiles.

The first is an alternative transport protocol to transport DSS messages
using ebXML Messaging.  The profile would standardize names and use of ebXML
SOAP header extension elements corresponding to the DSS operations, the
packaging of DSS documents and provide a Collaboration Protocol Agreement
(CPA) template.  I can contribute some input to this.  

The second scenario is more speculative. It came up during a requirements
study for ebXML intermediaries and is similar to the functionality of the
"inspector component" in the in-line deployment model of the signature
gateway. Suppose company A wants to send a Universal Business Language (UBL)
order or invoice document to a business partner B that requires an enveloped
digital signature. Company A could use the DSS SignRequest/SignResponse with
a DSS server to obtain a signed UBL document, then send the UBL document in
an ebXML (or other SOAP-based) message to partner B.  The proposed variant
would instead combine the signing operation and the sending to the business
partner as follows:  company A sends an ebXML message containing an unsigned
UBL document and a SignRequest to a DSS intermediary D, which forwards a
modified version of the ebXML message that contains the updated signed UBL
document.  D could also validate any signatures on documents in incoming
messages, and attach verification confirmation to the forwarded message.

Kind regards,


P.S. This is my first post as a member for this TC. I have been unable to
attend the TC meetings due to a schedule conflict, but intend to participate
more actively over time. 

-----Original Message-----
From: Juan Carlos Cruellas [mailto:cruellas@ac.upc.edu] 
Sent: 15 October 2007 17:55
To: nick.pope@thales-esecurity.com
Cc: dss-x@lists.oasis-open.org
Subject: Re: [dss-x] Groups - Potential Requirements for ebXML / DSS Profile
(EbXML-dss-requirements.doc) uploaded


Looking at the document it looks like it is talking of two different
profiles, one that could actually profile ebxml protocol for transporting
dss messages (and please correct me if you think that I missinterpreted the
content), and another one on a gateway function. Is that correct?

If so, I am not completely sure to understand the second one. The text
reads: "This proposal is for the application of DSS based signatures to
ebXML messages as they pass out through a company gateway /service
provider...". What I understand is that the text is proposing a profile for
requesting signatures for ebXML messages...is that correct? and in the same
way, the profile should also include messages for requesting verificaiton of
signatures present in ebXML messages...

But then I read that "this is not the same as conventional DSS requset
/response messaging.." and I am not sure of having understood what should
this profile be about.


Juan Carlos.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]