[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ebxml-cppa] Constituent type (draft) modification for ebMS WSSconfiguration support (not relying on ws-policy based options)
Moberg Dale wrote: >(quoted printable encoding trashed message original. Will send update >before meeting.) > >Here is a modification to the current ConstitutentType to accommodate >WSS configuration support across multiparts, with both Mime part >granularity and XML element granularity. This seems more than enough >functionality to me, but add questions as appropriate. It still remains >possible to use ws-policy for security to express configuration >capabilities or agreements. Placed on agenda for discussion at August >status meeting August 24 2007. > > ><xsd:complexType name=3D"ConstituentType"> > > <xsd:sequence maxOccurs=3D"unbounded"> > > <xsd:element >ref=3D"tns:SignatureTransforms" minOccurs=3D"0"/> > > <xsd:element >ref=3D"tns:EncryptionTransforms" minOccurs=3D"0"/> > > <xsd:element ref=3D"tns:ElementRef" >minOccurs=3D"0" maxOccurs=3D"unbounded"/> > > </xsd:sequence> > > <xsd:attribute name=3D"idref" type=3D"xsd:IDREF" >use=3D"required"/> > > <xsd:attribute name=3D"excludedFromSignature" >type=3D"xsd:boolean" default=3D"false"/> > > <xsd:attribute >name=3D"excludedFromDataConfidentiality" type=3D"xsd:boolean" /> > > <xsd:attribute name=3D"minOccurs" >type=3D"xsd:nonNegativeInteger"/> > > <xsd:attribute name=3D"maxOccurs" >type=3D"xsd:nonNegativeInteger"/> > > </xsd:complexType> > > <xsd:element name=3D"ElementRef" >type=3D"tns:ElementRef"></xsd:element> > > <xsd:complexType name=3D"ElementRef" > > > <xsd:attribute name=3D"signed" = >type=3D"xsd:boolean" >use=3D"optional"/> > > <xsd:attribute name=3D"encrypted" >type=3D"xsd:boolean" use=3D"optional"/> > > <xsd:attribute name=3D"signBeforeEncrypt" >type=3D"xsd:boolean" use=3D"optional" default=3D"true"/> > > </xsd:complexType> > >=20 > >=20 > >Issues: > >=20 > >1. Should the MIME part granularity attribute "excludedFromSignature" >have a default? > > mm1: Might be best as this is not optional use. We should think about whether default is practical for optional attributes however. >2. Any combinations that need support left out? > mm1: If you also want to support security policy in some way, it also specifies encryptBeforeSign in Section 6.3 of specification. Thanks.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]