[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: NEW ISSUE: provide means to specify which signing transform to use for attachments
PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred. Protocol: ws-sp http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws- securitypolicy-1.2-spec-os.pdf Artifact: spec Type: design Title: provide means to specify which signing transform to use for attachments Description: Related to issue PR020 http://docs.oasis-open.org/ws-sx/issues/Issues.xml#PR020 WSS 1.1: SwA Profile allows two transforms for signature: Attachment- Content-Signature-Transform and Attachment-Complete- Signature- Transform - depending on whether we need to integrity protect just the attachment or also the mime headers associated with it. Need to specify required transform. See http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/ 200801/msg00016.html Proposed Resolution: In section 4.1.1, SignedParts Assertion add at end: /sp:SignedParts/sp:Attachments/sp:Content-Signature-Transform The Attachment-Content-Signature-Transform must be used as part of attachment protection. /sp:SignedParts/sp:Attachments/sp:Attachment-Complete-Signature- Transform The Attachment-Complete-Signature-Transform must be used as part of attachment protection. This is the default if neither /sp:SignedParts/sp:Attachments/sp:Content-Signature-Transform or / sp:SignedParts/sp:Attachments/sp:Attachment-Complete-Signature- Transform are specified. regards, Frederick Frederick Hirsch Nokia
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]