OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] (EBXMLMSG-111) Encrypting parts of eb:Messaging header in AS4

Pim van der Eijk created EBXMLMSG-111:

             Summary: Encrypting parts of eb:Messaging header in AS4
                 Key: EBXMLMSG-111
                 URL: https://issues.oasis-open.org/browse/EBXMLMSG-111
             Project: OASIS ebXML Messaging Services TC
          Issue Type: Bug
          Components: AS4 Profile, Core Spec
            Reporter: Pim van der Eijk

Section 7.5 of the Core Spec states:

An MSH Implementation may encrypt the eb:Messaging Container Element. It may also encrypt select child elements of the eb:Messaging header, leaving other elements unencrypted. 

Section 5.1.6 of AS4 states:

If an AS4 user message is to be encrypted, AS4 MSH implementations MUST encrypt ALL payload parts. However, AS4 MSH implementations SHALL NOT encrypt the eb:Messaging header. 

When we wrote this,  it was (IIRC) our intention to rule out encryption of the eb:Messaging header as well as any of its child elements.  However, the wording in AS4 only rules out encrypting the entire header and is silent about partial encrypting at child element level. 

One AS4 implementation interpreted this as meaning that partial encryption is still allowed, as it is not explicitly ruled out in AS4 and possible in ebMS3.

That implementer also noted that full or partial encryption of the header is problematic,  for example a Receiving MSH may need to know which P-Mode to apply to an incoming message, which the headers in eb:Messaging normally facilitate,  but can't if they're encrypted

This message was sent by Atlassian JIRA

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]