[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue 86: No policy support for content encryption?
This issue fell off our radar because of a typo in the issue list that hid it from the summary listings. My apologies. -----Original Message----- From: Corinna Witt [mailto:firstname.lastname@example.org] Sent: Wednesday, July 26, 2006 11:49 AM To: Marc Goodner; Frederick Hirsch; email@example.com Subject: RE: [ws-sx] Issue 86: No policy support for content encryption? Hi, There also seems to be no support for #Content encryption of /EncryptedParts/Header, or rather, there's no reference to whether Header encrytpion is by default #Element or #Content in line 687-696, and how to specify the non-default. Can this handled under the same issue # ? Corinna -----Original Message----- From: Marc Goodner [mailto:firstname.lastname@example.org] Sent: Monday, July 10, 2006 9:01 AM To: Frederick Hirsch; email@example.com Subject: [ws-sx] Issue 86: No policy support for content encryption? Issue 86 -----Original Message----- From: Frederick Hirsch [mailto:firstname.lastname@example.org] Sent: Friday, July 07, 2006 11:05 AM To: email@example.com Cc: Hirsch Frederick; Marc Goodner Subject: NEW Issue: No policy support for content encryption? PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred. Protocol: ws-sp ws-securitypolicy-1.2-spec-ed-01-r07-diff <http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/ 18836/ws-securitypolicy-1.2-spec-ed-01-r07-diff.doc> Artifact: spec Type: design Title: No policy support for content encryption? Description: The EncryptedElements assertion requires element encryption, at line 724. There is no corresponding EncryptedContent assertion. So there is no way to require encryption of the content of an element (e.g. xenc Type xmlenc#Content), only an element itself. This could be a limitation to policy expressiveness, when element content needs to be secured but the element itself not. Related issues: none Proposed Resolution: regards, Frederick Frederick Hirsch Nokia _______________________________________________________________________ Notice: This email message, together with any attachments, may contain information of BEA Systems, Inc., its subsidiaries and affiliated entities, that may be confidential, proprietary, copyrighted and/or legally privileged, and is intended solely for the use of the individual or entity named in this message. If you are not the intended recipient, and have received this message in error, please immediately return this by email and then delete it.