OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-sx] Issue 160: Unclear behavior forRequireSignatureConfirmation Assertion where there is no Signature

Issue 160.

-----Original Message-----
From: Hyen V Chung [mailto:hychung@us.ibm.com]
Sent: Wednesday, January 16, 2008 3:31 PM
To: ws-sx@lists.oasis-open.org
Cc: Marc Goodner
Subject: [ws-sx] NEW Issue: Unclear behavior for RequireSignatureConfirmation Assertion where there is no Signature


PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE
ISSUE IS ASSIGNED A NUMBER.
The issues coordinators will notify the list when that has occurred.

Protocol:  WS-SecurityPolicy

WS-SecurityPolicy 1.2 OASIS Standard 1 July 2007 (
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf
)

Artifact:  spec

Type: design

Title: Unclear behavior for RequireSignatureConfirmation Assertion where
there is no Signature

Description:

The description of the RequireSignatureConfirmation assertion behavior from
line 2550 to 2556, that the wsse11:SignatureConfirmation elements MUST be
used and signed by the message signature (when the value is set to true for
Signature Confirmation property). What happen for cases that there is no
sp:SignedParts or sp:SignedElements defined in the policy, in this case,
there is no Signature in the message, should the Signature Confirmation
element be signed?

"This boolean property specifies whether wsse11:SignatureConfirmation
elements should be used as defined in WSS: Soap Message Security 1.1. If
the value is 'true', wsse11:SignatureConfirmation elements MUST be used and
signed by the message signature. If the value is 'false', signature
confirmation elements MUST NOT be used. The value of this property applies
to all signatures that are included in the security header. This property
has a default value of 'false'."

Related issues:


Proposed Resolution:

Thanks,
Henry


---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]