Having problems with message search?
Folks, haven’t heard much feedback from participants – is everyone ok with making these changes?
thanks
From: Kirill Gavrylyuk
[mailto:kirillg@...]
Sent: Tuesday, April 05, 2005
12:52 PM
To:
WS-Security-Workshops@yahoogroups.com; WS-RM-Workshops@yahoogroups.com
Subject: [WS-Security-Workshops]
Proposed updates to SC+RM scenarios document
Based on the comments received so far on the document, we propose the following updates to the SC+RM scenarios. What do folks think?
- Ordering elements inside Security header. An issue was raised around scenarios text prescribing specific elements order inside Security header, for example requiring Timestamp to be the first element. We believe the best way to proceed is to remove any ordering requirements text from the scenarios doc – follow what WS-Security and BSP prescribes.
- SignatureConfirmation. We introduced SignatureConfirmation on the secure session initiation (RST/RSTR handshake). Given that this is a protection mechanism applicable to the entire message exchange, it would make sense to use it on all messages.
- Encrypted Signature. Scenarios document currently prescribes encrypting signatures on RST/RSTR and app messages, but not WS-RM infrastructure messages. Similar to #2, given that encrypting signature is a protection mechanism that is applicable to the entire exchange, it would make sense to either do it for all messages or not do it for any.
Attached is the scenarios document with the proposed changes applied, marked with change bars. thanks
Offline 
Send Email