OASIS ebXML Messaging Services TC

Re: [ebxml-msg] RE: [wsi_secprofile] RE: FW: WSS27 issue

  • 1.  Re: [ebxml-msg] RE: [wsi_secprofile] RE: FW: WSS27 issue

    Posted 03-26-2004 18:43
     MHonArc v2.5.0b2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    ebxml-msg message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


    Subject: Re: [ebxml-msg] RE: [wsi_secprofile] RE: FW: WSS27 issue


    Martin,
    
    The dsig:Signature element the specification (2.0) presently describes 
    includes three transformations.  No transform URIs that are not in the XML 
    Digital Signature recommendation, just:
    
    <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
    <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116";>
       <XPath> not ( 
    ancestor-or-self::()[@SOAP:actor="urn:oasis:names:tc:ebxml-msg:actor:nextMSH"] 
    |
    ancestor-or-self::()[@SOAP:actor="http://schemas.xmlsoap.org/soap/actor/next";] 
    )
       </XPath>
    </Transform>
    <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
    
    We are hoping to migrate to using a WSS Signature with 3.0 and, I believe, 
    could use very different transformations that result in a similar set of 
    successful validations.  Your earlier suggestion of ignoring all headers 
    except those without a soap:actor attribute or identifying the ultimate 
    destination with that attribute is a good one that I think we could 
    incorporate, for example.
    
    thanx,
    	doug
    
    On 26-Mar-04 02:51, Martin Gudgin wrote:
    
    > Pete, Doug,
    > 
    > Are the ebMS 2.0 transforms just Xpath expressions? Or do they have
    > their own transform URI? 
    > 
    > Gudge 
    > 
    > 
    >>