OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] Commented: (EBXMLMSG-14) 5.2.2.12 external payloads

    [ http://tools.oasis-open.org/issues/browse/EBXMLMSG-14?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=33985#action_33985 ] 

Pim van der Eijk commented on EBXMLMSG-14:
------------------------------------------

This may best be done in a separate profile for external payloads:

Other aspects:
-      Any authentication of the external payload identified by an http:// or https:// URI.    For example, the payload may be protected by HTTP authentication.  The configuration (username / password) may be pre-configured, perhaps by PMode parameters.  But it can also be included in the message (as special ebMS properties).
-      If we assume WS-Security support including encryption, then the submitting application cannot simply specify the external URI.  Instead the encrypted external payload will somehow be created by the WS-Security module of the sending MSH.   So the submit() operation is different.  The submitting application or middleware provides content (or a reference to content). The sending MSH processes this content and creates a reference to it,  perhaps on some web server under control of the MSH.  The sending MSH will want to remove such payloads after some time, the time when this is done could be yet another property included in the message (just like websites supporting large transfer provide such information in notification emails).
-      Similarly, the deliver() operation will be different.  When the payload is encryption,  the receiving application or middleware should get the decrypted content, and the content validated by the WS-Security module (which may be different from a later download) so the URI of the external payload will be dereferenced before delivery.

..

-      Etc.


>  5.2.2.12 external payloads
> ---------------------------
>
>                 Key: EBXMLMSG-14
>                 URL: http://tools.oasis-open.org/issues/browse/EBXMLMSG-14
>             Project: OASIS ebXML Messaging Services TC
>          Issue Type: Improvement
>          Components: Core Spec
>            Reporter: Pim van der Eijk
>            Priority: Minor
>
> Sender and receiver may want to limit the domains on which external payloads can be stored,  for security or network configuration reasons.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]