[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] scenarios for first interop
Here are some additional SOAP Message security interop test-cases that we should consider for the first or second interop event. I am numbering them after the first four that Chris Kaler has proposed just in case we decide to compile these in some interop testing document: 5. Signing and encrypting specific attachments in a Multi-part MIME SOAP message. 6. Signing and encrypting all attachments in a Multi-part MIME SOAP message. 7. Decrypting and verifying signatures of specific attachments in a Multi-part MIME SOAP message. 8. Decrypting and verifying signatures of all the attachments in a Multi-part MIME SOAP message. 9. Signing and encrypting SOAP Body and specific attachment in Multi-part MIME SOAP message. 10. Decrypting and signature verification of content in SOAP Body and required attachment in a Multi-part MIME SOAP message. 11. SOAP Message Token Processing for X.509 Certificates and SAML Tokens, e.g., for authenticating a sending web service application by a receiving web services applications. Also, #4 is quite important to flesh out in advance for #1 thru #3 and #5 thru #11. thanks, Zahid Ahmed Commerce One, Inc. -----Original Message----- From: Chris Kaler [mailto:ckaler@microsoft.com] Sent: Monday, March 03, 2003 8:32 AM To: Web Services Security Subject: [wss] scenarios for first interop I had the action to propose some initial scenarios for a first interop event. If people like these, I'll add more details like WSDL, example messages, etc. 1. Send message with U/P over SSL and get response 2. Send message with U/P-Hash and get response signed with X.509 3. Send message with X.509 signature and encrypted with key passed in EncryptedKey using recipients certificate referenced by identifier 4. Variations on algorithms (C14N, encryption, etc.) Signatures are over key headers and body. Encryption is only on body. Basically people would implement both clients and servers and then we would interchange the components. Chris ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]