MHonArc v2.5.0b2 -->
legalxml-courtfiling message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: WS-Security and encryption of individual message parts
I took an action item from the face-to-face to research whether we have a problem with our current MDE operation
signatures, in that some of us thought the WS-Security encryption processing model only allowed encryption at the
message level (WSDL term).� As our MDE definitions currently stand in the WSDL, if true this would have precluded
encrypting the payment argument separately from the "core" message (for example.)
Happily, WS-Security
allows encryption of any XML element within the SOAP body.� So even within an argument structure, you could encypt a
single element if you wanted to.
The relevant section of the WS-Security spec (http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf)
is section 9.� The processing model is described in section 9.3.1, starting on line 1232, on page 34.� In particular,
at line 1243, the spec indicates that "items to be encrypted" are "XML elements, element contents
within the target SOAP envelope."
So we're ok.
Thanks.
--Scott
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]