ebxml-cppa message

Subject: RE: [ebxml-cppa] Constituent type (draft) modification for ebMS WSS configuration support (not relying on ws-policy based options)

From: "Moberg Dale" <dmoberg@axway.com>
To: <Monica.Martin@Sun.COM>
Date: Wed, 22 Aug 2007 09:37:15 -0700

Thanks Monica for your comment. On point number 2, I asked:

>2. Any combinations that need support left out?
>
mm1: If you also want to support security policy in some way, it also 
specifies encryptBeforeSign in Section 6.3 of specification. Thanks.

Here is a way to accomplish that with the current definition; consider
whether you think this would work. 

ElementRef has 3 boolean attributes-- signed, encrypted,
signBeforeEncrypt.

Unless both signed and encrypted are both true, order is irrelevant.
When both true, then either you must encrypt before signing or sign
before encrypting. So when signBeforeEncrypt is true, then the signing
is first. When signBeforeEncrypt is false, it must be that you encrypt
then sign the element.

I suspect we need to document that semantics in the schema annotations
and the text for ebMS 3 support. I am still working on cleaning up that
table for the appendix, however.

Dale Moberg

Follow-Ups:
- Re: [ebxml-cppa] Constituent type (draft) modification for ebMS WSSconfiguration support (not relying on ws-policy based options)
  - From: "Monica J. Martin" <Monica.Martin@Sun.COM>

References:
- Constituent type (draft) modification for ebMS WSS configuration support (not relying on ws-policy based options)
  - From: "Moberg Dale" <dmoberg@axway.com>
- Re: [ebxml-cppa] Constituent type (draft) modification for ebMS WSSconfiguration support (not relying on ws-policy based options)
  - From: "Monica J. Martin" <Monica.Martin@Sun.COM>