OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-tp message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: TRP comments by Shimanura-san that MAY apply to TP

Someone please check to see if the appended set of TRP comments apply to
the TP spec.  Please indicate that you are looking into it and when you
will provide an answer.  If any changes are needed, it would be best if we
put them in before submitting the spec for the next round of QR and Public

NOTE:  Any changes due to these comments have to be reflected in some or
all of the XSD, DTD, and CPP and CPA samples unless they are in areas of
the XMLDSIG definition that we haven't included in detail.

(Chris?) Should the  messageOrderSemantics attribute be added to the
ReliableMessaging element or is it intended to be specified on a message by
message basis?

(Chris, Dale, or Tony?)  Shimamura-san is requesting some changes to the
digital signature elements in the message service specification to update
it to the current level of XMLDSIG. Are his proposals correct? Do any of
these changes apply to the TP spec, given the level of detail in our
current signture elements? Please check both under ds:Signature and under
ProcessSpecification (ds:Reference).

   At a glance, I see:

   Comment to line 1735 of TRP spec is a possible problem for us regarding
   the ds: prefix and namespace definition.  Should we delete the ds:
   prefix anywhere? everywhere?  I believe that the comment applies only to
   the namespace definition since the TRP spec has the ds:prefix everywhere

   Comment to line 1692 apparently applies to us (algorithm attribute value
   under SignatureMethod)

   Comment to line 1699 apparently applies to us (correction to value of
   Type attribute)

   Comment to line 1737 apparently applies to us.  Under ds:Signature, we
   do not spell out the full URL of the canonicalization method (algorithm

   Comment to line 1737: Under ProcessSpecification, the algorithm we show
   in the XML example agrees with the one in the comment below except that
   we name the attribute ds:Algorithm while the comment below shows it as
   Algorithm (this probably relates to the comment to line 1735 above).
   Also, under ProcessSpecification, we do not spell out the algorithm at
   all in the text but just refer to [XMLC14N]. Since the algorithm is
   shown in the sample, we probably should add a brief sentence or
   paragraph on it.


Martin W. Sachs
IBM T. J. Watson Research Center
P. O. B. 704
Yorktown Hts, NY 10598
914-784-7287;  IBM tie line 863-7287
Notes address:  Martin W Sachs/Watson/IBM
Internet address:  mwsachs @ us.ibm.com
---------------------- Forwarded by Martin W Sachs/Watson/IBM on 04/11/2001
09:26 AM ---------------------------

SHIMAMURA Masayoshi <shima.masa@jp.fujitsu.com> on 04/11/2001 03:44:18 AM

To:   ian.c.jones@bt.com
cc:   ebxml-transport@lists.ebxml.org
Subject:  Re: Outstanding Issues/Comments list

Mr. Ian Jones,

Thank you for creating the issue list. However it lacks a issue about
messageOrderSemantics I pointed out. And also I have obtained XML
Signature related issues from security experts. Can I ask you to add
attached comments to the list?

Comments on Message Service v0.98b
Minor Technical
  Line 549-551 says:
    If messageOrderSemantics is set to Guaranteed, the To Party MSH
    MAY correct invalid order of messages using the value of
    SequenceNumber in the conversation specified by the ConversationId.
    We decided that "When OnceAndOnlyOnce is specified and
    messageOrderSemantics is set to "Guaranteed", SequenceNumber MUST be
    present. In this case, receiving MSH MUST guarantee message order."
    The line 549-551 does not follow our decision.
    Change the word "MAY" in line 549 to "MUST".
    see discussion <

Minor Technical
  Line 569-570 says:
    The SequenceNumber element MUST appear only when deliverySemantics
    is OnceAndOnlyOnce. ...
    This description is still not clear.
    Change the description into following to follow our decision exactly.
        When deliverySemantics is OnceAndOnlyOnce and
        messageOrderSemantics is Guarantee, the SequenceNumber element
        MUST appear. When deliverySemantics is OnceAndOnlyOnce and
        messageOrderSemantics is NotGuarantee, The SequenceNumber
        element MAY appear. In any other case, this element MUST NOT
    see discussion <

Minor Technical
  Line 1735 says:
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmlds#">
    Use of prefix does not follow the W3C XML Signature's DTD.
    Remove the prefix "ds" in description on page 52-53, and define
    name space as following in line 1735:
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">

Minor Technical
  Line 1692-1694 says:
    The ds:SignatureMethod element SHALL be present and SHALL have an
    Algorithm attribute. The RECOMMENDED value for the Algorithm
    attribute is:
    The specified URI <http://www.w3.org/2000/02/xmldsig#sha1> is older
    algorithm. The W3C XML Signature spec uses following Algorithm:
    (By the way, the sample on page 54 uses
    Change <http://www.w3.org/2000/02/xmldsig#sha1> in line 1694 into

Minor Technical
  Line 1699-1701 says:
    ... The ds:Reference element for the ebXML Header document MAY
    include a Type attribute that has a value
    "http://www.w3.org/2000/02/xmldsig#Object" in accordance with
    [XMLDSIG]. ...
    The specified URI <http://www.w3.org/2000/02/xmldsig#Object> is older
    definition. Latest definition is:
      Change <http://www.w3.org/2000/02/xmldsig#Object> in line 1701 into

Minor Technical
  Line 1737 says:
    <ds:CanonicalizationMethod Algorithm="
    The specified URI is older algorithm. Latest algorithm is:
    Change <http://www.w3.org/TR/2000/WD-xml-c14n-20001011> in line 1737
    into <http://www.w3.org/TR/2000/CR-xml-c14n-20001026>.


SHIMAMURA Masayoshi <shima.masa@jp.fujitsu.com>
TEL:+81-45-476-4590(ext.7128-4241)  FAX:+81-45-476-4726(ext.7128-6783)
Planning Dep., Strategic Planning Div., Software Group, FUJITSU LIMITED

To unsubscribe from this elist send a message with the single word
"unsubscribe" in the body to: ebxml-transport-request@lists.ebxml.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Search: Match: Sort by:
Words: | Help

Powered by eList eXpress LLC