[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue 97: No support for message level encryption of headers for WSS 1.0?
Corinna, sp:EncryptedElements can be used to specify encryption for any element in the message. If WSS 1.0 is being used, sp:EncryptedParts cannot be used to specify headers that must to be encrypted. We could change the sentence; "As such, if WSS 1.1 Encrypted Headers are not supported by a service, then headers cannot be encrypted using message level security." to read "As such, if WSS 1.1 Encrypted Headers are not supported by a service, then this element cannot be used to specify headers that require encryption using message level security." Gudge > -----Original Message----- > From: Marc Goodner [mailto:mgoodner@microsoft.com] > Sent: 26 July 2006 20:03 > To: Corinna Witt; ws-sx@lists.oasis-open.org > Subject: [ws-sx] Issue 97: No support for message level > encryption of headers for WSS 1.0? > > Issue 97. > > ________________________________ > > From: Corinna Witt [mailto:cwitt@bea.com] > Sent: Wed 7/26/2006 11:59 AM > To: ws-sx@lists.oasis-open.org > Cc: Marc Goodner > Subject: NEW ISSUE: No support for message level encryption > of headers for WSS 1.0? > > > > PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL > THE ISSUE IS ASSIGNED A NUMBER. > The issues coordinators will notify the list when that has occurred. > > Protocol: ws-sp > > http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.ph > p/18837/ws > -securitypolicy-1.2-spec-ed-01-r07.pdf > > Artifact: spec > > Type: design > > Title: No support for message level encryption of headers for WSS 1.0? > > Description: > > Line 691-693 under /EncryptedParts/Header: "Such encryption > will encrypt > such elements using WSS 1.1 Encrypted Headers. As such, if WSS 1.1 > Encrypted Headers are not supported by a service, then > headers cannot be > encrypted using message level security." > > Does this mean ws-sp prohibits the encryption of headers > using WSS 1.0? > Or does this mean that *if* you're using WSS 1.1 you have to use > EncryptedHeader? If the latter is the case, can /EncryptedParts/Header > still be used to specify header encryption for WSS 1.0, or should > EncryptedElements be used? > ______________________________________________________________ > _________ > Notice: This email message, together with any attachments, > may contain > information of BEA Systems, Inc., its subsidiaries and > affiliated > entities, that may be confidential, proprietary, > copyrighted and/or > legally privileged, and is intended solely for the use of the > individual > or entity named in this message. If you are not the intended > recipient, > and have received this message in error, please immediately > return this > by email and then delete it. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]