[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue 160: Unclear behavior forRequireSignatureConfirmation Assertion where there is no Signature
Issue 160. -----Original Message----- From: Hyen V Chung [mailto:hychung@us.ibm.com] Sent: Wednesday, January 16, 2008 3:31 PM To: ws-sx@lists.oasis-open.org Cc: Marc Goodner Subject: [ws-sx] NEW Issue: Unclear behavior for RequireSignatureConfirmation Assertion where there is no Signature PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred. Protocol: WS-SecurityPolicy WS-SecurityPolicy 1.2 OASIS Standard 1 July 2007 ( http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf ) Artifact: spec Type: design Title: Unclear behavior for RequireSignatureConfirmation Assertion where there is no Signature Description: The description of the RequireSignatureConfirmation assertion behavior from line 2550 to 2556, that the wsse11:SignatureConfirmation elements MUST be used and signed by the message signature (when the value is set to true for Signature Confirmation property). What happen for cases that there is no sp:SignedParts or sp:SignedElements defined in the policy, in this case, there is no Signature in the message, should the Signature Confirmation element be signed? "This boolean property specifies whether wsse11:SignatureConfirmation elements should be used as defined in WSS: Soap Message Security 1.1. If the value is 'true', wsse11:SignatureConfirmation elements MUST be used and signed by the message signature. If the value is 'false', signature confirmation elements MUST NOT be used. The value of this property applies to all signatures that are included in the security header. This property has a default value of 'false'." Related issues: Proposed Resolution: Thanks, Henry --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]