OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: WSI signatures propsal & impact on ebXML Messaging

TC members,


           I have been forwarded the following from people attending the WSI meeting this week about using detached signatures as part of their profile.   As the current version 2 specification uses enveloped signatures I would appreciate any comments from those of you that understand the issue better than I.  This decision will obviously affect any version 3 work that relates to security and WSI profile(s) these are items under consideration for inclusion.


          Please forward to any parties that may have a view on this issue.


From WSI meeting:
This is the relevant part from our Draft Profile

8.1 General Constraints on XML Signature

8.1.1 Use Detached Signatures

Due to the nature of the SOAP processing model, which is based on recognising the elements that are children of soap:Header and/or soap:Body use of enveloping signatures, where the signed XML is encapsulated in a ds:Signature element, is inappropriate. Similarly, the definition of SOAP headers and body content will typically not anticipate the presence of ds:Signature as a child element, so enveloped signatures are also inappropriate. Consequently this profile mandates use of detached signatures.

R3102 XML Signatures in a MESSAGE MUST be Detached Signatures as defined by the XML Signature specification. 

Neither enveloping nor enveloped signatures are supported.



Ian Jones
Chair OASIS ebXML Messaging Services TC

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]