[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Summary of evaluation discussion of Sander's scenario for One-Way Push with Intermediaries
Sanders reviewed his proposal. We then began to review Pim’s discussion questions on the scenario. Sanders' scenario uses at least two WS-RM sessions, sender to intermediary and intermediary to receiver. The intermediary would need to maintain a routing table.

The first focus of discussion was on security. It is not yet known what WS-I will require for operation with WSS and WS-RM because the WS-I profile is not released. Pim pointed out that if the WS-RM headers were signed over, then the original WSS signature would not validate because of the changed WS-RM information. Dale wondered how much interest there would be if the sender’s signature could not be checked over the SOAP envelope’s body. Sanders pointed out that possibly two signatures could be included in the WSS header, or perhaps two WSS headers could be included. Dale recalled that WS-I BSP contained requirements constraining WSS headers (because interleaving encryption and signing does not work when multiple WSS header blocks are present). The more precise BSP statements involved the targets/actors of the headers. Possibly multiple headers could be included if they were appropriately targeted. Possibly also multiple signatures could be included in a single header block and then be edited to allow the sender signature to be propagated. While there may be some way to allow intermediary re-signing, and sender WSS header block editing, that results in an end-to-end signature, the procedure would be considerably more complicated than that envisioned in the Core profile.

It was agreed that the scenario would probably involve some modification to the core profile for senders and receivers. Whether security could be maintained should also be checked by an implementation, because the procedure could be quite complex.

The upshot is that while the scenario might be OK for WS-RM, the security situation becomes quite a bit more complicated. The advantage of transparency at the intermediary is that it tends to make security less difficult.
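The signature-scoping problem raised in the discussion above, as an added example that is not part of the original message and is not code from the WS-RM TC or any WSS implementation. The envelope model, the HMAC stand-in for XML-DSig signing keys, the JSON stand-in for XML canonicalization, and the sequence identifiers and message numbers are all constructed for illustration. It shows the case Pim described (sender signs over the WS-RM header, intermediary rewrites it for its second session, sender signature fails at the receiver), the alternative of two appropriately targeted signatures (sender over the Body, intermediary over the WS-RM header it owns), and a check that scoping the sender's signature to the Body still detects tampering after the intermediary:

```python
import copy
import hashlib
import hmac
import json

# Constructed sample keys. HMAC stands in for the XML-DSig signing keys of a
# real WSS deployment; this models signature scoping, not WS-Security itself.
SENDER_KEY = b"sender-signing-key (constructed)"
INTERMEDIARY_KEY = b"intermediary-signing-key (constructed)"


def canonicalize(part):
    """Stand-in for XML canonicalization: a deterministic byte serialization."""
    return json.dumps(part, sort_keys=True, separators=(",", ":")).encode()


def sign(key, envelope, refs):
    """Sign the named envelope parts, modelled on XML-DSig: each reference gets
    a digest, and the signature value covers the set of digests (SignedInfo)."""
    digests = {r: hashlib.sha256(canonicalize(envelope[r])).hexdigest() for r in refs}
    value = hmac.new(key, canonicalize(digests), hashlib.sha256).hexdigest()
    return {"digests": digests, "value": value}


def verify(key, envelope, sig):
    """Recompute every referenced digest, then check the value over SignedInfo."""
    for ref, digest in sig["digests"].items():
        if ref not in envelope:
            return False
        actual = hashlib.sha256(canonicalize(envelope[ref])).hexdigest()
        if not hmac.compare_digest(actual, digest):
            return False
    expected = hmac.new(key, canonicalize(sig["digests"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sig["value"])


def sender_envelope():
    """Constructed SOAP envelope model: a Body, a WS-RM Sequence header for the
    sender-to-intermediary session, and an empty WSS Security header."""
    return {
        "Body": {"order": "po-123", "qty": 5},
        "Sequence": {"Identifier": "urn:seq:sender-to-intermediary", "MessageNumber": 1},
        "Security": {},
    }


def intermediary_forward(envelope):
    """The intermediary terminates the first WS-RM session and, from its routing
    table, opens a second one to the receiver, so the Sequence header is
    rewritten. It adds its own signature over the new header and the Body and
    leaves the sender's signature untouched."""
    out = copy.deepcopy(envelope)
    out["Sequence"] = {"Identifier": "urn:seq:intermediary-to-receiver",
                       "MessageNumber": 7}  # constructed values for the second session
    out["Security"]["intermediary"] = sign(INTERMEDIARY_KEY, out, ["Sequence", "Body"])
    return out


def receiver_checks(fwd):
    """What the receiver can validate: (sender signature ok, intermediary signature ok)."""
    return (verify(SENDER_KEY, fwd, fwd["Security"]["sender"]),
            verify(INTERMEDIARY_KEY, fwd, fwd["Security"]["intermediary"]))


def scenario_sender_signs_rm_headers():
    """Pim's case: the sender signs over the WS-RM header as well, so the
    intermediary's rewrite breaks the end-to-end signature."""
    env = sender_envelope()
    env["Security"]["sender"] = sign(SENDER_KEY, env, ["Body", "Sequence"])
    return receiver_checks(intermediary_forward(env))  # (False, True)


def scenario_scoped_signatures():
    """Two appropriately targeted signatures: the sender signs only the Body,
    the intermediary signs the WS-RM header it owns, and both validate."""
    env = sender_envelope()
    env["Security"]["sender"] = sign(SENDER_KEY, env, ["Body"])
    return receiver_checks(intermediary_forward(env))  # (True, True)


def scenario_body_tampered_in_transit():
    """Narrowing the sender's signature to the Body must not weaken it: a Body
    change after the intermediary is still caught by both signatures."""
    env = sender_envelope()
    env["Security"]["sender"] = sign(SENDER_KEY, env, ["Body"])
    fwd = intermediary_forward(env)
    fwd["Body"]["qty"] = 500
    return receiver_checks(fwd)  # (False, False)


if __name__ == "__main__":
    print("sender signs Body+Sequence:", scenario_sender_signs_rm_headers())
    print("scoped signatures:         ", scenario_scoped_signatures())
    print("body tampered after hop:   ", scenario_body_tampered_in_transit())
```

The point the model makes concrete is that the sender's signature survives an intermediary only if its references exclude every header the intermediary is entitled to rewrite, and the intermediary's own signature has to cover those headers instead. In real WS-Security the two signatures would additionally have to sit in Security headers targeted at different actors/roles (the BSP constraint recalled in the discussion), and the sender's references would normally also cover addressing headers and a timestamp, which this model leaves out.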