OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [ws-sx] Issue 86: No policy support for content encryption?


Hi,

There also seems to be no support for #Content encryption of
/EncryptedParts/Header, or rather, there's no reference to whether
Header encrytpion is by default #Element or #Content in line 687-696,
and how to specify the non-default. 

Can this handled under the same issue # ?

Corinna

-----Original Message-----
From: Marc Goodner [mailto:mgoodner@microsoft.com] 
Sent: Monday, July 10, 2006 9:01 AM
To: Frederick Hirsch; ws-sx@lists.oasis-open.org
Subject: [ws-sx] Issue 86: No policy support for content encryption?

Issue 86

-----Original Message-----
From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com]
Sent: Friday, July 07, 2006 11:05 AM
To: ws-sx@lists.oasis-open.org
Cc: Hirsch Frederick; Marc Goodner
Subject: NEW Issue: No policy support for content encryption?

PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL
THE ISSUE IS ASSIGNED A NUMBER.
The issues coordinators will notify the list when that has occurred.

Protocol:  ws-sp

ws-securitypolicy-1.2-spec-ed-01-r07-diff

<http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/
18836/ws-securitypolicy-1.2-spec-ed-01-r07-diff.doc>

Artifact:  spec

Type: design

Title: No policy support for content encryption?

Description:
The EncryptedElements assertion requires element encryption, at line
724. There is no corresponding EncryptedContent assertion. So there is
no way to require encryption of the content of an element (e.g.  
xenc Type xmlenc#Content), only an element itself. This could be a
limitation to policy expressiveness, when element content needs to be
secured but the element itself not.

Related issues: none

Proposed Resolution:

regards, Frederick

Frederick Hirsch
Nokia


_______________________________________________________________________
Notice:  This email message, together with any attachments, may contain
information  of  BEA Systems,  Inc.,  its subsidiaries  and  affiliated
entities,  that may be confidential,  proprietary,  copyrighted  and/or
legally privileged, and is intended solely for the use of the individual
or entity named in this message. If you are not the intended recipient,
and have received this message in error, please immediately return this
by email and then delete it.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]