OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: CEM and AS4

An interested end-user asked me if AS4 can be used with the IETF CEM. He feels strongly that adoption of AS4 would benefit from a standardized certificate exchange mechanism for organizations like his that have hundreds of trading partners.
There seem to be three aspects to his question:
1)   Using CEM to update certificate information.
ebMS3 has Pmode parameters PMode[1].Security.X509.Signature.Certificate, PMode[1].Security.X509.Encryption.Certificate (defined in Part 1) and  Pmode[1].Protocol.Security.Server.Certificate and  Pmode[1].Protocol.Security.Client.Certificate (defined in Part 2). Updates of the values for these would be exchanged as CEM messages.
2)   Using AS4 (rather than AS2 or AS1) as a transport protocol for the certificate exchange messages. 
The CEM spec is defined using the EDIINT MIME structures. An AS4 (or more general ebMS3) profile of CEM would define standardized values for Service and Action, and define the message structure. The CEM XML message would be a first payload and any referenced certificates would be stored in subsequent MIME containers.  WS-Security would be used to secure the messages.
3)  Whether there is sufficient market interest in this. 
Can we discuss this on tomorrow's call?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]