[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Note on PMode Security Type -- draft of complexType deferred until preliminary issues discussed.
I have several questions about the additions to PMode Security. One general question is that some of this information is
being captured in Policy Assertions in the WS-SC TC. I will need to do a review
to see about the duplications. Maybe we should consider reusing some of the
Policy assertions here? There is a ws policy extension for docexchange that is
to be defined for ebxml cppa 3.0. Just how it works (especially with respect to
policy attachment is an upcoming discussion item for the CPPA TC, probably
later this month. More specific issues. ·
PMode[1].Security.X509.Signature.Certificate: The value
of this parameter is a URI that identifies the public certificate to use when
verifying signed data. ·
PMode[1].Security.X509.Encryption.Certificate: The
value of this parameter is a URI that identifies the public certificate to use
when encrypting data. Can you elaborate a bit on how this URI identifies the
public certificate? Anything about trust anchor certificates or chain
verification? Identifying the elements to sign and/or encrypt. I am not
certain that the remarks about the “name of the XML element” really
help me know how these identifiers work. Need either some more work or a
retreat to perhaps making use of xpath, xpointer, uri refs (with id fragments),
etc. UserNameToken.[username|password] Discuss how we might
enable encryption for these values if they are exchanged (and I am not sure
they could be used without an exchange of some sort to set up the values even
if only using a SSL setup session…] We can review the complexType after these questions get some
more discussion. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]