OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Re: S/MIME


Dan Weinreb wrote:
> 
> Chris, in mail some time ago, you said:
> 
>    Transient confidentiality may be provided at the transport level using
>    TLS (SSL), IPSEC or other similar mechanisms which provide for encryption
>    on the wire. S/MIME may be used to provide for persistent confidentiality
>    of the payload object(s).
> 
> Is it really OK to use S/MIME in this way?  The MS spec doesn't seem
> to say anything about S/MIME.
> 
> I have not yet gotten up to speed on S/MIME (so many RFC's, so little
> time) but would we have to specify something about how the key
> exchange is done, analogously to the initial negotiation in TLS?
> There would have to be some way to tell the MSH the avlue of the
> private key and corresponding certificate, no?  I don't really
> know the details, but it seems that if we want to allow S/MIME,
> we have to do more than just say "yes, go ahead, use S/MIME"...
> 
> Thanks.
> -- Dan
Dan,

The ebMS spec doesn't say anything about the payload intentionally.
The reference to S/MIME means that the payload, not the overall "envelope"
can be S/MIME encrypted.

As for key exchange, that is clearly outside our scope. How parties
negotiate their shared PKI is not our concern in designing the
ebMS messaging protocol. That would be in the domain of something like
XKMS.

Cheers,

Chris


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC