OASIS LegalXML Electronic Court Filing TC

 View Only

WS-Security and encryption of individual message parts

  • 1.  WS-Security and encryption of individual message parts

    Posted 09-18-2005 20:07
     MHonArc v2.5.0b2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    legalxml-courtfiling message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


    Subject: WS-Security and encryption of individual message parts


    I took an action item from the face-to-face to research whether we have a problem with our current MDE operation signatures, in that some of us thought the WS-Security encryption processing model only allowed encryption at the message level (WSDL term).� As our MDE definitions currently stand in the WSDL, if true this would have precluded encrypting the payment argument separately from the "core" message (for example.)

    Happily, WS-Security allows encryption of any XML element within the SOAP body.� So even within an argument structure, you could encypt a single element if you wanted to.

    The relevant section of the WS-Security spec (http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf) is section 9.� The processing model is described in section 9.3.1, starting on line 1232, on page 34.� In particular, at line 1243, the spec indicates that "items to be encrypted" are "XML elements, element contents within the target SOAP envelope."

    So we're ok.

    Thanks.

    --Scott



    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]