OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ebxml-msg] Some suggestions regarding default securitysettings in ebMS 3.0

Am Mittwoch, den 14.02.2007, 16:20 -0700 schrieb Dale Moberg:
> Sacha Schlegel wrote:
> In this discussion, signature and encryption were identified as two key
> functions, and the order in which they occur. It was noted that ebMS 3.0
> no longer specifies the default configuration as was defined in ebMS
> 2.0.
> ebMS 2.0 has two defaults:
> a) encrypt first, then sign. As a Note in section
> Hi Sacha,
> The TC found that the ebMS 2.0 default on protection ordering was
> actually sign, then encrypt.

Correct. As note in section of ebMS 2.0 sign first and then

sorry for the mix up.

> The current ebMS 3.0 draft appears to use this as the order default
> across any conformance profile.


> So the updates proposed for defaults in the Gateway conformance profile
> will mainly deal with providing defaults on what an application will
> sign and what it will encrypt (when the end users involved do not
> otherwise agree on referenced parts, elements, or attachments).

ok sounds good to me. So this would be like that XPath expression that
was provided for ebMS 2.0, at least for the signing part.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]