[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue PR020: Provide mechanism to specify signing orencryption of SwA (SOAP Messages with Attachments)
Frederick, Yes, that was exactly my issue. Uniformly protecting all attachments sounds like a reasonable approach to me. I think it would help if you provide more detailed wording for your proposal so that editors can just use it in the document when the issue gets accepted by the TC. Thanks, --Jan -----Original Message----- From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com] Sent: Monday, February 19, 2007 6:46 AM To: Jan Alexander Cc: Frederick Hirsch; ws-sx@lists.oasis-open.org; Greg Carpenter Subject: Re: [ws-sx] Issue PR020: Provide mechanism to specify signing or encryption of SwA (SOAP Messages with Attachments) Jan Thank you for reviewing my proposal. The simplest case is to simply require all attachments to be signed/ encrypted, presumably sign first if both. I'm not sure how policy author would be able to state for individual attachments since cid's are probably not available at the time policy is written. Thus I'm not sure how to state meaningful policy at a granularity of individual attachment at policy writing time. regards, Frederick Frederick Hirsch Nokia On Feb 18, 2007, at 1:37 PM, ext Jan Alexander wrote: > Hi Frederick, > > I took an action item on the last TC call to look more into your > proposal below. > > In general, I agree with the proposed solution since message > attachments are generally considered as parts of the message. > However I wonder what is your proposal for identifying individual > attachments? Since WS-SP does not depend on WSDL and is WSDL > agnostic it is not clear to me how the attachment parts are > distinguished if there is more than one attached to the message so > that the individual attachments can be mapped to the respective > protection assertion "attachment" elements in the receiver's > security policy. Or is your proposal to uniformly protect all the > message attachments by using a single "attachment" element? > > Thanks, > --Jan > > > -----Original Message----- > From: Greg Carpenter [mailto:gregcarp@microsoft.com] > Sent: Monday, February 12, 2007 7:16 AM > To: ws-sx@lists.oasis-open.org > Cc: Frederick Hirsch > Subject: [ws-sx] Issue PR020: Provide mechanism to specify signing > or encryption of SwA (SOAP Messages with Attachments) > > Issue PR020 > > -----Original Message----- > From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com] > Sent: Sunday, February 11, 2007 8:09 AM > To: WS-SX OASIS > Cc: Hirsch Frederick; Carpenter Greg > Subject: [ws-sx] NEW Issue: Provide mechanism to specify signing or > encryption of SwA (SOAP Messages with Attachments) > > PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL > THE ISSUE IS ASSIGNED A NUMBER. > > The issues coordinators will notify the list when that has occurred. > > Protocol: ws-securitypolicy > http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/21401/ > ws-securitypolicy-1.2-spec-cd-01.pdf > > Artifact: spec > > Type: design > Title: No means to express need to secure SOAP Messages with > Attachments (SwA) > > Description: > > The current specification provides no mechanism to express the > requirement to secure SOAP Messages with Attachments (SwA). > > Related issues: > None. > Proposed Resolution: > > Add to sp:SignedParts and sp:EncryptedParts sp:SignedParts/Attachment > and sp:EncryptedParts/Attachment respectively. > > regards, Frederick > > Frederick Hirsch > Nokia > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]