[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ebxml-msg-as4] Some Security Module Profiling Proposals
I'd like to make the following profiling proposals for AS4 for Section 7 of the ebMS v3 Spec. Please comment and provide feedback.
7.2 Signing Messages
AS4 messages SHALL NOT use Enveloped Signatures. Only Detached Signatures will be supported for signing user messages and signal messages.
The entire eb:Messaging Container Element and the SOAP Body MUST be included in the signature.
7.3 Signing SOAP with Attachments Messages
AS4 messages that are packaged using SOAP with Attachments SHALL NOT use the Attachment-Complete transform. Only the Attachment-Content-Only transform will be used.
The entire eb:Messaging Container Element and all MIME body parts MUST be included in the signature.
7.4 Encrypting Messages
The eb:PartyInfo section SHALL NOT be encrypted.
The SOAP Body MUST be encrypted.
7.5 Encrypting SOAP with Attachments Messages
MIME body parts of included payloads MUST be encrypted.
--------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]