[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue 76: How to reference a specific SC when initiating a session?
Prateek, Isn't this scenario addressed by lines 272-288 of WS-SecureConversation[1]? Gudge [1] http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/18840/ws -secureconversation-1.3-spec-ed-01-r06-diff.pdf > -----Original Message----- > From: Marc Goodner [mailto:mgoodner@microsoft.com] > Sent: 20 June 2006 16:23 > To: Prateek Mishra; ws-sx@lists.oasis-open.org > Subject: [ws-sx] Issue 76: How to reference a specific SC > when initiating a session? > > Tracked as Issue 76. > > -----Original Message----- > From: Prateek Mishra [mailto:prateek.mishra@oracle.com] > Sent: Tuesday, June 20, 2006 11:12 AM > To: ws-sx@lists.oasis-open.org > Cc: Marc Goodner > Subject: NEW ISSUE: How to reference a specific SC when initiating a > session? > > *PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL > THE ISSUE IS ASSIGNED A NUMBER. * > > *The issues coordinators will notify the list when that has occurred.* > > * * > > Protocol: ws-sc > > http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.ph > p/18838/ws > -secureconversation-1.3-spec-ed-01-r06-diff.doc > > > > > Artifact: spec > > > > Type: > > design > > > > Title: > > NEW ISSUE: How to reference a specific SC when initiating a session? > > > > Description: > > This issue concerns the following use-case: a requestor wishes to > participate in a multi-message session with a recipient. > The requestor acquires a SC token by some means from its > local security > system and adds it to the security header of a SOAP message. > The SOAP message is meant to initiate a sequence of exchanges with the > recipient, all of which are to be protected by the SC token. > Notice that > in general, the SOAP message may carry several security headers > including other security tokens. > > How can the requestor indicate to the recipient that a > specific SC token > is to be used for the session? > > > > Related issues: > > http://lists.oasis-open.org/archives/ws-rx/200606/msg00036.html > > > > Proposed Resolution: > > My best guess here is that the requestor add a new STR to the header. > The STR would include a reference to the SC and include in its usage > attribute a URI referencing the message body. If this is acceptable to > the TC, we need to include some text explaining this > "security pattern". > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]