OASIS ebXML Messaging Services TC

 View Only
  • 1.  Groups - AS4-Profile-csd04-wd-13.odt (AS4-Profile-csd04-wd-13.odt) uploaded

    Posted 04-22-2011 08:11

    Based on comments from TC Admin (Paul Knight), I reviewed the draft to mix (quite a few) citation errors that nobody seems to have spotted before. Please review this document very thorougly ..

    -- Mr. Pim van der Eijk The document revision named AS4-Profile-csd04-wd-13.odt (AS4-Profile-csd04-wd-13.odt) has been submitted by Mr. Pim van der Eijk to the OASIS ebXML Messaging Services TC document repository. This document is revision #7 of AS4-Profile-cd-01.odt. Document Description: AS4 profile View Document Details: http://www.oasis-open.org/committees/document.php?document_id=41901 Download Document: http://www.oasis-open.org/committees/download.php/41901/AS4-Profile-csd04-wd-13.odt Revision: This document is revision #7 of AS4-Profile-cd-01.odt. The document details page referenced above will show the complete revision history. PLEASE NOTE: If the above links do not work for you, your email application may be breaking the link into two pieces. You may be able to copy and paste the entire link address into the address field of your web browser. -OASIS Open Administration


  • 2.  Re: [ebxml-msg] Groups - AS4-Profile-csd04-wd-13.odt (AS4-Profile-csd04-wd-13.odt) uploaded

    Posted 04-29-2011 11:03
    On 22 Apr 2011, at 10:10 AM, pvde@sonnenglanz.net wrote: > > Based on comments from TC Admin (Paul Knight), I reviewed the draft to mix > (quite a few) citation errors that nobody seems to have spotted before. > Please review this document very thorougly .. Two problem areas Mike and I picked up i Section 5.1.8 - 'Profiling Rule (a): Receipts for reception awareness' states the following If this element is not used, then eb:Receipt MUST be empty. However, the schema definition for Receipt is as follows <xsd:complexType name="Receipt"> <xsd:sequence> <xsd:any namespace="##other" processContents="lax" maxOccurs="unbounded"/> </xsd:sequence> </xsd:complexType> with minOccurs not defined. If that is the case then minOccurs defaults to 1. Also see http://www.w3schools.com/schema/schema_complex_indicators.asp Is this not a problem in the spec ? ii PMode[1].Security.SendReceipt: support required (true/false) Should the (true/false) be there ? This in light of 3.2 'Reception awareness error handling (REQUIRED support)' so if consumer MSH ..SendReceipt is set to false then producer MSH must report an error ? And also section 3.4 bullets 2 and 3. -- Regards Theo


  • 3.  RE: [ebxml-msg] Groups - AS4-Profile-csd04-wd-13.odt (AS4-Profile-csd04-wd-13.odt) uploaded

    Posted 05-02-2011 11:28
    Hello Theo, I think you're right on (i). The schema requires some namespace-qualified content in the eb:Receipt, so it cannot be empty. In creating examples for the spec I only looked at the cases where the ebBP element is used, with WS-Security, and I didn't check this case. One solution is to change the spec to ALWAYS use the ebbp:NonRepudiationInformation element, as follows: The ebbp:MessagePartNRInformation element has a choice content. In cases where the original message was signed using WS-Security, the ds:Reference elements in the received message (validated by the WS-Security module in the receiving MSH) can be used in generating a Receipt, as currently already specified in the spec. This uses the second option in the type definition: <xsd:element name="MessagePartNRInformation"> <xsd:complexType> <xsd:choice> <xsd:element name="MessagePartIdentifier" type="bpssignal:non-empty-string"/> <xsd:element ref="ds:Reference"/> </xsd:choice> </xsd:complexType> </xsd:element> Now to address your comment, we could change the profile and use the first choice in situations where no WS-Security was used in the received message, i.e. cases where there are no ds:Reference elements that can be reused. In this case, the first option in the type definition is still an option. I would propose that the profile REQUIRES the content of the NonRepudiationInformation element to be a single MessagePartNRInformation element with MessagePartIdentifier content, with value set to the eb3:MessageId of the received message. A valid Signal Message based on this would look like the following: <eb3:SignalMessage> <eb3:MessageInfo> <eb3:Timestamp>2011-05-01T12:26:11.176Z</eb3:Timestamp> <eb3:MessageId>d1e7_messageid</eb3:MessageId> <eb3:RefToMessageId>orders123@buyer.example.com</eb3:RefToMe ssageId> </eb3:MessageInfo> <eb3:Receipt> <ebbp:NonRepudiationInformation> <ebbp:MessagePartNRInformation> <ebbp:MessagePartIdentifier>orders123@buyer.example.com</ebb p:MessagePartIdentifier> </ebbp:MessagePartNRInformation> </ebbp:NonRepudiationInformation> </eb3:Receipt> </eb3:SignalMessage> These receipts would do fine for the "Minimal Profile". I'd be interested in other views on this, and I'll let Jacques and others respond to (ii). Pim


  • 4.  Receipts and reception awareness, and AS4 WD15.

    Posted 05-09-2011 09:08
    Hello, I've been looking at the issue of the receipt format for reception awareness a bit more. It looks to me as if putting the message identifier in the MessagePartIdentifier (as I proposed last week) is not right, as the element seems to be for identification of message parts, not messages. Instead, my proposal is to use the values of the referenced message parts, which are included in the eb:PartInfo of the received message, and have as many of these are there are parts in the message. Optionally, the SOAP envelope MIME part (the "start" part in the SOAP with attachments message) could be referenced too. Basically, the receipt now has the same content in both "reception awareness" and "NRR" uses: a list of message parts. In the former use, the receipt use the structural identifiers in the ebMS SOAP-with-attachments message. In the latter, it uses the XML Dsig structural identifiers computed by the WSS module. The difference is that in the NRR case, the receipts do not cover the full SOAP message but only the bits that are signed. In both cases the receipts can be automatically generated from the received message using a small number of lines of code. The latest update (WD-15) is modified to incorporate this proposal, so please review thorougly. WD15 also includes Jacques' proposal for (ii) too, so the document should be complete by now. Pim


  • 5.  RE: [ebxml-msg] Groups - AS4-Profile-csd04-wd-13.odt(AS4-Profile-csd04-wd-13.odt) uploaded

    Posted 05-06-2011 20:11
    Theo: About your point (ii): It seems to be a classical case of possible conflict between two configuration items... - assume PMode[1].ReceptionAwareness: is "true". Then the original Producer of the user message to be acknowledged, must generate an error if no eb:Receipt is received in time. - Now if PMode[1].Security.SendReceipt is set to "false" at the same time then of course the MSH receiving the user message must NOT send a Receipt. So in this case, to comply with AS4 the sending MSH (sending the user message) must send back an error to the receiving MSH even though the latter was not supposed to send a Receipt... We could update definition of PMode[1].ReceptionAwareness in 3.2: "The following additional P-Mode parameters are defined and MUST be supported: PMode[1].ReceptionAwareness: (true / false). When set to true, the PMode[1].Security.SendReceipt must also be set to true. -jacques