[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Transforms for securing attachments
We request that the WSS TC define transforms that may be used for signing, verifying, encrypting and decrypting SOAP with Attachments [SwA] attachments using SOAP Message Security. We propose to reference these attachments using the Content-ID MIME header and a CID URI as defined in [RFC 2392]. We request that the WSS TC commit to work on this activity, and to start work on this immediately, in parallel with its other ongoing work. Defining such transforms will allow interested parties to sign and/or encrypt SwA attachments associated with SOAP messages using SOAP Message Security techniques, providing additional functionality that many OASIS constituents will find useful. We propose that the following transforms be specified: 1. MIME Part Signature Transforms - This transform is used for both signing and verifying MIME attachments. - This transform is to be used with a wsse:Security/ds:Signature ds:Reference that uses a CID URI to reference a SwA MIME part. - What is signed is the entire MIME part, including the MIME headers for that part. - More than one transform may be desired, perhaps one for including the MIME headers and another for excluding them. 2. MIME Part Encryption Transform - This transform is used to generate the plain text data from the MIME part that will be encrypted. - More than one transform may be desired, perhaps one for including the MIME headers and another for excluding them. 3. MIME Part Decryption Transform - This transform is used to obtain the cipher data from the MIME part that conveys it. - This transform would be reference within a xenc:CipherReference ds:Transform used with a CID xenc:CipherReference URI to obtain the entire MIME part for decryption. Unique URIs must be defined for each of the above transforms. The WSS TC appears to be the appropriate venue for defining such transforms to be associated with SOAP Message Security and this work would allow SwA attachments to be secured using SOAP Message Security. We request that the WSS TC add the definition of such transforms to the WSS TC agenda for the May 18 meeting. Thank you. Regards, Paula Austel, IBM Hal Lockhart, BEA Frederick Hirsch, Nokia Tony Nadalin, IBM Paul Cotton, Microsoft Michael McIntosh, IBM Dana Kaufman, Forum Systems TJ Pannu, ContentGuard Steve Anderson, OpenNetwork Jerry Schwarz, Oracle [SwA] http://www.w3.org/TR/2000/NOTE-SOAP-attachments-20001211 [RFC 2392] http://www.ietf.org/rfc/rfc2392.txt Paul Cotton, Microsoft Canada 17 Eleanor Drive, Nepean, Ontario K2E 6A3 Tel: (613) 225-5445 Fax: (425) 936-7329 mailto:pcotton@microsoft.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]