OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [wss] WSS: Non-Repudiation Proposal

Tim,
 
There are several differences between the WS-NonRepudiation and WS-Reliability proposals. WSNR defines only a mechanism for requesting a receipt (message disposition notification in AS1/2 speak) and a mechanism for sending such a receipt back to the requestor. There is no provision for reliable delivery, although it could be used along with such a mechanism. Although WS-Reliability does define an acknowledgement mechanism, it does not define a cryptographic proof of acknowledgement (that the message was received intact and unaltered although it could be assumed if used in combination with signatures, it cannot be proved).
 
As to Tony's comments that followed your original posting. I have not reviewed the timeline that IBM set forth for defining reliable messaging mechanisms, so I cannot compare WSNR to the WSRM roadmap. Reactivity is proposing WSNR because we believe in the need a secure mechanism for voluntary non-repudiation of receipt. We think that this is a simple and fundamental addition that would significantly strengthen the current draft of the specification.
 
If you have any further questions about WSNR you are also welcome to call me.
 
-Eric
 
Eric Gravengaard
Secure XML
Reactivity
650-551-7891 (office)
eric@reactivity.com
 
-----Original Message-----
From: Tim Moses [mailto:tim.moses@entrust.com]
Sent: Friday, April 25, 2003 1:01 PM
To: Eric Gravengaard; [wss oasis] (E-mail)
Subject: RE: [wss] WSS: Non-Repudiation Proposal

Colleagues - Is not the right answer to this problem some marriage of WS-Reliability and WS-Security?  All the best.  Tim.
-----Original Message-----
From: Eric Gravengaard [mailto:eric@reactivity.com]
Sent: Friday, April 11, 2003 12:59 PM
To: [wss oasis] (E-mail)
Subject: [wss] WSS: Non-Repudiation Proposal

Reactivity would like to submit this document to the TC for consideration and inclusion in the Web Services Security: SOAP Message Security specification. The Web Services Security: Non-Repudiation proposal (WSNR) defines a standard mechanism for voluntary non-repudiation of receipt.
 
The goal of this proposal is to enable the exchange of SOAP messages in an environment where the SOAP Message sender has cryptographic proof that the SOAP Message responder received the request unaltered. This proposal makes use of the XML Signature specification to provide cryptographic proof of integrity and the WSS:SOAP Message Security Core to allow the transport of both receipt requests and receipts within a <Security> header.
 
This submission is made under the OASIS rules regarding intellectual property rights. Reactivity intends the contents of this document to be available for license royalty free.
 
See attached file: web-services-non-repudiation-05.pdf
 
 
Eric Gravengaard
Reactivity, Inc.
Secure XML
650-551-7891 (office)
eric@reactivity.com
 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]