OASIS ebXML Messaging Services TC

RE: [ebxml-msg] Relevant comment posted on OASIS TC WS-SX list concerning policy domain assertions relevant to WSS security usage

  • 1.  RE: [ebxml-msg] Relevant comment posted on OASIS TC WS-SX list concerning policy domain assertions relevant to WSS security usage

    Posted 02-14-2007 01:02
    
    
    
    
    
    
    
    That would match the P-Mode latest version:
    PMode[1].Security.X509.Sign
    PMode[1].Security.X509.Sign.Element[]
    PMode[1].Security.X509.Sign.Attachment[]
    where each one of the two last parameters can handle a list of parts.
    Same set of P-Mode parameters exist with Encryption instead of Sign.
     
    -J


    From: Dale Moberg [mailto:dmoberg@us.axway.com]
    Sent: Monday, February 12, 2007 7:42 AM
    To: ebxml-cppa@lists.oasis-open.org
    Cc: ebxml-msg@lists.oasis-open.org
    Subject: [ebxml-msg] Relevant comment posted on OASIS TC WS-SX list concerning policy domain assertions relevant to WSS security usage

    http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/200702/msg00008.html

    that requests:

    Add to sp:SignedParts and sp:EncryptedParts sp:SignedParts/Attachment  
    and sp:EncryptedParts/Attachment respectively.
    and was submitted by
    Frederick Hirsch of Nokia
    {As far as I can tell it is public or OASIS member accessible link }
    The remaining policy features that are not documented pertain to whether signing should be done before or after encryption.
    Concerns that pertain to this policy selection are replay/reuse (potential cut and paste of signed material and signature), traffic analysis (if identity is revealed by signature), etc.