[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ebxml-msg] Relevant comment posted on OASIS TC WS-SX list concerning policy domain assertions relevant to WSS security usage
That would match the P-Mode latest
version:
PMode[1].Security.X509.Sign
PMode[1].Security.X509.Sign.Element[]
PMode[1].Security.X509.Sign.Attachment[]
where each one of the two last parameters can handle a list of parts.
Same set of P-Mode
parameters exist with Encryption instead of
Sign.
-J
From: Dale Moberg [mailto:dmoberg@us.axway.com] Sent: Monday, February 12, 2007 7:42 AM To: ebxml-cppa@lists.oasis-open.org Cc: ebxml-msg@lists.oasis-open.org Subject: [ebxml-msg] Relevant comment posted on OASIS TC WS-SX list concerning policy domain assertions relevant to WSS security usage http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/200702/msg00008.html that requests:
Add to sp:SignedParts and sp:EncryptedParts sp:SignedParts/Attachment and sp:EncryptedParts/Attachment respectively.
and was submitted by Frederick Hirsch of Nokia
{As far as I can tell it is public or OASIS member accessible link }
The remaining policy features that are not documented pertain to whether signing should be done before or after encryption.
Concerns that pertain to this policy selection are replay/reuse (potential cut and paste of signed material and signature), traffic analysis (if identity is revealed by signature), etc.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]