ebxml-cppa message

Subject: Re: [ebxml-cppa] Constituent type (draft) modification for ebMS WSSconfiguration support (not relying on ws-policy based options)

From: "Monica J. Martin" <Monica.Martin@Sun.COM>
To: Moberg Dale <dmoberg@axway.com>
Date: Wed, 22 Aug 2007 13:03:17 -0700


>>2. Any combinations that need support left out?
>>
>mm1: If you also want to support security policy in some way, it also 
>specifies encryptBeforeSign in Section 6.3 of specification. Thanks.
>
>Here is a way to accomplish that with the current definition; consider
>whether you think this would work. 
>
>ElementRef has 3 boolean attributes-- signed, encrypted,
>signBeforeEncrypt.
>
>Unless both signed and encrypted are both true, order is irrelevant.
>When both true, then either you must encrypt before signing or sign
>before encrypting. So when signBeforeEncrypt is true, then the signing
>is first. When signBeforeEncrypt is false, it must be that you encrypt
>then sign the element.
>
>I suspect we need to document that semantics in the schema annotations
>and the text for ebMS 3 support. I am still working on cleaning up that
>table for the appendix, however.
>
>Dale Moberg
>
 >>monica: I've no preference whether this is implicit or explicit 
althought it can be documented in boolean attributes rather than 
specification language more easily. Either wa we have ot be clear what 
the semantics are. Thanks.

References:
- Constituent type (draft) modification for ebMS WSS configuration support (not relying on ws-policy based options)
  - From: "Moberg Dale" <dmoberg@axway.com>
- Re: [ebxml-cppa] Constituent type (draft) modification for ebMS WSSconfiguration support (not relying on ws-policy based options)
  - From: "Monica J. Martin" <Monica.Martin@Sun.COM>
- RE: [ebxml-cppa] Constituent type (draft) modification for ebMS WSS configuration support (not relying on ws-policy based options)
  - From: "Moberg Dale" <dmoberg@axway.com>