[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ebxml-msg] Some suggestions regarding default security settings in ebMS 3.0
Sacha Schlegel wrote: In this discussion, signature and encryption were identified as two key functions, and the order in which they occur. It was noted that ebMS 3.0 no longer specifies the default configuration as was defined in ebMS 2.0. ebMS 2.0 has two defaults: a) encrypt first, then sign. As a Note in section 4.1.4.5 Hi Sacha, The TC found that the ebMS 2.0 default on protection ordering was actually sign, then encrypt. The current ebMS 3.0 draft appears to use this as the order default across any conformance profile. So the updates proposed for defaults in the Gateway conformance profile will mainly deal with providing defaults on what an application will sign and what it will encrypt (when the end users involved do not otherwise agree on referenced parts, elements, or attachments).
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]