OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [ebxml-msg] Id attribute

Thanks Pim - so we have a situation where sig references must either be followed for verification using either the optional 'id' (of type xdd:ID) in the eb:Messaging element or may also use wsu:Id, but always wsu:Id for all other elements such as Body. 

Is this not counterintuitive ?

Interestingly the current xwss libs also do not cater for this difference… and throw a WSS0285 error if no wsu:Id reference can be found ( uses xpath =  "//*[@Id='" + id + "']"; )

Would it not be better to update section 5.1.4 rule b of the as4 profile as follows ?

AS4 MSH implementations are REQUIRED to include the entire eb:Messaging SOAP header block and the (possibly empty) SOAP Body in the signature. The eb:Messaging header MAY be referenced using the “id” attribute or the "wsu:Id" attribute.

Further comments/input on this much appreciated.

On 11 Oct 2013, at 09:00 , Pim van der Eijk <pvde@sonnenglanz.net> wrote:

> 
> Hi Theo,
> 
> There is an "id" attribute defined in the ebMS3 header schema,  of type xsd:ID.  The signature can therefore reference the eb:Messaging element using a reference to this attribute.  The wsu:Id attribute is useful to add to elements that do not have an identifying attribute themselves,  such as the SOAP Body element.
> 
> Pim
> 
> On 10/11/2013 08:15 AM, Theo Kramer wrote:
>> I think we have a problem in both the core spec and the as4 profile in the case of the Id attribute
>> 
>> In section 5.1.4 profiling rule b of the as4 profile we have the following
>> 
>> AS4 MSH implementations are REQUIRED to include the entire eb:Mes- saging SOAP header block and the (possibly empty) SOAP Body in the sig- nature. The eb:Messaging header SHOULD be referenced using the “id” attribute.
>> 
>> My reading of section 4 of the Web Services Security: SOAP Message Security 1.1 (WS-Security 2004) would indicate that ebove is incorrect, ie. "id" should be "Id".
>> 
>> The examples both in the core spec and the as4 profile also use "id" instead of "Id".
>> 
>> This looks wrong to me.
>> 
>> Appreciate any comments on this.
>> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 

-- 
Regards
Theo

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]