OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-sx] Issue 97: No support for message level encryption of headers for WSS 1.0?

Corinna,

sp:EncryptedElements can be used to specify encryption for any element
in the message.

If WSS 1.0 is being used, sp:EncryptedParts cannot be used to specify
headers that must to be encrypted.

We could change the sentence;

"As such, if WSS 1.1 Encrypted Headers are not supported by a service,
then headers cannot be encrypted using message level security."

to read

"As such, if WSS 1.1 Encrypted Headers are not supported by a service,
then this element cannot be used to specify headers that require
encryption using message level security."

Gudge 

> -----Original Message-----
> From: Marc Goodner [mailto:mgoodner@microsoft.com] 
> Sent: 26 July 2006 20:03
> To: Corinna Witt; ws-sx@lists.oasis-open.org
> Subject: [ws-sx] Issue 97: No support for message level 
> encryption of headers for WSS 1.0?
> 
> Issue 97.
> 
> ________________________________
> 
> From: Corinna Witt [mailto:cwitt@bea.com]
> Sent: Wed 7/26/2006 11:59 AM
> To: ws-sx@lists.oasis-open.org
> Cc: Marc Goodner
> Subject: NEW ISSUE: No support for message level encryption 
> of headers for WSS 1.0?
> 
> 
> 
> PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL
> THE ISSUE IS ASSIGNED A NUMBER. 
> The issues coordinators will notify the list when that has occurred.
> 
> Protocol: ws-sp
> 
> http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.ph
> p/18837/ws
> -securitypolicy-1.2-spec-ed-01-r07.pdf
> 
> Artifact: spec
> 
> Type: design
> 
> Title: No support for message level encryption of headers for WSS 1.0?
> 
> Description:
> 
> Line 691-693 under /EncryptedParts/Header: "Such encryption 
> will encrypt
> such elements using WSS 1.1 Encrypted Headers. As such, if WSS 1.1
> Encrypted Headers are not supported by a service, then 
> headers cannot be
> encrypted using message level security."
> 
> Does this mean ws-sp prohibits the encryption of headers 
> using WSS 1.0?
> Or does this mean that *if* you're using WSS 1.1 you have to use
> EncryptedHeader? If the latter is the case, can /EncryptedParts/Header
> still be used to specify header encryption for WSS 1.0, or should
> EncryptedElements be used?
> ______________________________________________________________
> _________
> Notice:  This email message, together with any attachments, 
> may contain
> information  of  BEA Systems,  Inc.,  its subsidiaries  and  
> affiliated
> entities,  that may be confidential,  proprietary,  
> copyrighted  and/or
> legally privileged, and is intended solely for the use of the 
> individual
> or entity named in this message. If you are not the intended 
> recipient,
> and have received this message in error, please immediately 
> return this
> by email and then delete it.
> 
> 
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]