
ebxml-msg message


Subject: [OASIS Issue Tracker] Commented: (EBXMLMSG-13) D.3.6. and 5.2.2.12, external payloads


    [ http://tools.oasis-open.org/issues/browse/EBXMLMSG-13?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=34025#action_34025 ] 

Pim van der Eijk commented on EBXMLMSG-13:
------------------------------------------

Here is a proposal for D3.6

PMode[1].Security.X509.Sign.ExternalPayloads:  the Boolean value of this parameter indicates if external payloads (payloads that are neither SOAP Body content nor referenced MIME parts) are to be signed. If true, the WS-Security module of the sending MSH MUST include ds:Reference elements for each resource identified in the URI values of eb:PayloadInfo/eb:PartInfo/@href attributes of external payloads. 

PMode[1].Security.X509.Encryption.Encrypt.ExternalPayloads: the Boolean value of this parameter indicates if external payloads (payloads that are neither SOAP Body content nor referenced MIME parts) are to be encrypted. If true, the WS-Security module of the sending MSH MUST encrypt each resource identified in the URI values of eb:PayloadInfo/eb:PartInfo/@href attributes of external payloads. The receiving MSH MUST resolve and decrypt external payloads prior to delivery.



> D.3.6. and  5.2.2.12,  external payloads
> ----------------------------------------
>
>                 Key: EBXMLMSG-13
>                 URL: http://tools.oasis-open.org/issues/browse/EBXMLMSG-13
>             Project: OASIS ebXML Messaging Services TC
>          Issue Type: Bug
>          Components: Core Spec
>            Reporter: Pim van der Eijk
>
> According to section 5.2.2.12, it is possible to reference payload parts outside the ebMS envelope. E.g. a static file on a Web server or some data in a Cloud storage service. This is a useful feature as it allows a sender to send a small message that references possibly huge payloads. The receiver could download those payloads at a time that is convenient for them. We have had requests for this feature in the past, and it is functionality of some proprietary protocols. But the feature is underspecified in the core spec.
> In D.3.6, it is possible to express that parts of the SOAP envelope or attachments are to be signed, but it is not possible to specify that parts outside the ebMS envelope are to be signed using PMode[1].Security.Sign. It is useful to be able to sign those payloads, so non-repudiation covers those payloads as well. Similarly, a signed receipt could then acknowledge that the receiver has downloaded the referenced parts and validated that the digest of those parts is valid. (Since the payloads may be large, such receipts should be sent asynchronously, giving the receiver time to download the parts).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
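
The per-payload ds:Reference handling proposed above, as an added example that is not part of the original message or of the ebMS specification: a sender builds one ds:Reference per external eb:PartInfo/@href, and a receiver re-resolves each href and compares digests. Assumptions: SHA-256 digests with no transforms, external payloads identified as hrefs that start with neither "#" nor "cid:", a constructed sample message and URL, and a dictionary standing in for the download step; validating the signature over ds:SignedInfo is left out.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

EB = "http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/"
DS = "http://www.w3.org/2000/09/xmldsig#"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"  # assumed digest algorithm

# Constructed sample: one SOAP Body part, one MIME part, one external payload.
URL = "https://files.example.org/big/archive.zip"
SAMPLE = f"""<eb:PayloadInfo xmlns:eb="{EB}">
  <eb:PartInfo href="#body1"/>
  <eb:PartInfo href="cid:invoice@example.org"/>
  <eb:PartInfo href="{URL}"/>
</eb:PayloadInfo>"""
STORE = {URL: b"constructed payload bytes"}  # stands in for the remote resource

def external_hrefs(payload_info):
    """hrefs that are neither SOAP Body fragments ('#id') nor MIME parts ('cid:')."""
    hrefs = [p.get("href", "") for p in payload_info.iter(f"{{{EB}}}PartInfo")]
    return [h for h in hrefs if h and not h.startswith(("#", "cid:"))]

def digest(data):
    return base64.b64encode(hashlib.sha256(data).digest()).decode()

def build_references(payload_info, fetch):
    """Sender side: one ds:Reference per external payload."""
    refs = []
    for href in external_hrefs(payload_info):
        ref = ET.Element(f"{{{DS}}}Reference", {"URI": href})
        ET.SubElement(ref, f"{{{DS}}}DigestMethod", {"Algorithm": SHA256})
        ET.SubElement(ref, f"{{{DS}}}DigestValue").text = digest(fetch(href))
        refs.append(ref)
    return refs

def verify_references(payload_info, refs, fetch):
    """Receiver side: hrefs that are unsigned or whose digest no longer matches."""
    signed = {r.get("URI"): r.findtext(f"{{{DS}}}DigestValue") for r in refs}
    return [h for h in external_hrefs(payload_info)
            if signed.get(h) != digest(fetch(h))]

def demo():
    info = ET.fromstring(SAMPLE)
    refs = build_references(info, STORE.__getitem__)
    tampered = {URL: b"altered after signing"}
    return (len(refs),
            verify_references(info, refs, STORE.__getitem__),     # intact
            verify_references(info, refs, tampered.__getitem__),  # content changed
            verify_references(info, [], STORE.__getitem__))       # no reference
```

A non-empty result from verify_references is the condition under which a receiving MSH would withhold the signed receipt for the referenced parts.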

        

