RE: [wss] Additional SwA Interop Issues

[<Frederick.Hirsch@nokia.com>]

Paul

 

Section 4.5.2 item #4 reads as follows in the latest draft (draft 14) of the SwA profile:

 

"Set the <xenc:EncryptedData> MimeType attribute to match the attachment MIME part Content-Type header before encryption when Content-Only URI is specified for the Type attribute value. The MimeType attribute value may also be set when the AttachmentComplete Type attribute value is specified."

 

When content-only encryption is used the original mime-type header will be replaced by the mime-type for the cipherdata, so the original MIME Type needs to be preserved. When the headers are included in the encrypted data then this is not required and I re-worded this item to make this clear.

 

I believe issue #2 should be closed. Do you agree?

 

regards, Frederick

Frederick Hirsch
Nokia

 

---

From: ext Paul Cotton [mailto:pcotton@microsoft.com]
Sent: Wednesday, November 17, 2004 9:10 AM
To: Blake Dournaee; Hirsch Frederick (Nokia-TP/Boston)
Cc: wss@lists.oasis-open.org
Subject: RE: [wss] Additional SwA Interop Issues

Blake: Thanks for the feedback.

 

Frederick: Can you point us to the changes you made in the current OASIS SwA document so that we can easily flatten issue#2 at the next TC meeting?

 

/paulc

 

Paul Cotton, Microsoft Canada
17 Eleanor Drive, Nepean, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329
mailto:pcotton@microsoft.com

 

---

From: Blake Dournaee [mailto:blake@sarvega.com]
Sent: November 16, 2004 11:33 PM
To: Paul Cotton
Cc: wss@lists.oasis-open.org
Subject: RE: [wss] Additional SwA Interop Issues

 

Paul –

 

I believe that Frederick has already added text to the latest draft of SwA Profile for issue #1

 

For issue #2, this was a typo in the examples used in the SwA Profile Interoperability Scenarios. The Id for <EncryptedData> should not have had a wsu: prefix. I don’t believe we need clarifying text unless others disagree with me.

 

Thanks,

 

Blake

 

---

From: Paul Cotton [mailto:pcotton@microsoft.com]
Sent: Tuesday, November 16, 2004 6:43 PM
To: Blake Dournaee
Cc: wss@lists.oasis-open.org
Subject: RE: [wss] Additional SwA Interop Issues

 

> 1.  The Specification of MimeType attribute is optional when content as well as headers of the attachment are being encrypted. The phrasing in the current draft of SwA Profile makes it seem that MimeType is required for either transforms (Section 4.4.2, Step 4)

 

Can you propose exact replacement text that is acceptable to the Interop participants to fix this issue?

 

 

>2. The Id Attribute for <EncrryptedData> should not have a namespace qualifier (e.g. “wsu”) because it falls under the XML Encryption spec and not WS-Security

 

Does this mistake occur in any examples in the specification or was just an error in one of the implementations?  If the latter I wonder what if anything we need to do in the spec?  Again is there specific additional text that you would propose?

 

/paulc

Paul Cotton, Microsoft Canada
17 Eleanor Drive, Nepean, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329
mailto:pcotton@microsoft.com

 

---

From: Blake Dournaee [mailto:blake@sarvega.com]
Sent: November 16, 2004 5:33 PM
To: wss@lists.oasis-open.org
Subject: [wss] Additional SwA Interop Issues

 

All,

 

Here are two more minor issues that we encountered during the first interoperability event:

 

1. The Specification of MimeType attribute is optional when content as well as headers of the attachment are being encrypted. The phrasing in the current draft of SwA Profile makes it seem that MimeType is required for either transforms (Section 4.4.2, Step 4)
2. The Id Attribute for <EncrryptedData> should not have a namespace qualifier (e.g. “wsu”) because it falls under the XML Encryption spec and not WS-Security

 

Thanks,

 

Blake Dournaee

Senior Security Architect

Sarvega, Inc.