[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ebxml-cppa] Constituent type (draft) modification for ebMS WSS configuration support (not relying on ws-policy based options)
Thanks Monica for your comment. On point number 2, I asked: >2. Any combinations that need support left out? > mm1: If you also want to support security policy in some way, it also specifies encryptBeforeSign in Section 6.3 of specification. Thanks. Here is a way to accomplish that with the current definition; consider whether you think this would work. ElementRef has 3 boolean attributes-- signed, encrypted, signBeforeEncrypt. Unless both signed and encrypted are both true, order is irrelevant. When both true, then either you must encrypt before signing or sign before encrypting. So when signBeforeEncrypt is true, then the signing is first. When signBeforeEncrypt is false, it must be that you encrypt then sign the element. I suspect we need to document that semantics in the schema annotations and the text for ebMS 3 support. I am still working on cleaning up that table for the appendix, however. Dale Moberg
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]