[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Digital Envelope: Food for thought by the next generation
I concur with Marty's opinion that a message may be signed at either (or both) levels, application and message handling. In practice, application level signatures typically serve a different busines purpose than MSH level signatures. Cheers, Bob Miller -----Original Message----- From: Dick Brooks [mailto:dick@8760.com] Sent: Thursday, May 17, 2001 10:12 AM To: Martin W Sachs Cc: ebxml-tp@lists.ebxml.org; ebxml-transport@lists.ebxml.org; Maryann Hondo Subject: RE: Digital Envelope: Food for thought by the next generation Marty, > I guess a parallel question is who does the signing. If you tell me that > signing is done above the message service handler, then I guess I could > agree that message-level encryption is also above the MSH. Good question. IMO, it's possible for a layer above the MSH to sign/encrypt a payload document before it reaches the MSH. I also believe an MSH can sign a message (header and payload) using XML DSIG. Dick Brooks Group 8760 110 12th Street North Birmingham, AL 35203 dick@8760.com 205-250-8053 Fax: 205-250-8057 http://www.8760.com/ InsideAgent - Empowering e-commerce solutions > -----Original Message----- > From: Martin W Sachs [mailto:mwsachs@us.ibm.com] > Sent: Wednesday, May 16, 2001 12:47 PM > To: Dick Brooks > Cc: ebxml-tp@lists.ebxml.org; ebxml-transport@lists.ebxml.org; Maryann > Hondo > Subject: RE: Digital Envelope: Food for thought by the next generation > > > > Dick, > > It looks like you and I are the only ones around these days. I guess > everyone else is worn out from Vienna :-) > > You may have the right answer but I am not sure. Digital > Envelope is not a > packaging function as I understand packaging. It is an RSA encryption > procedure. The message is encrypted by symmetric encryption and > the secret > keys are exchanged by public-key encryption. > > I guess a parallel question is who does the signing. If you tell me that > signing is done above the message service handler, then I guess I could > agree that message-level encryption is also above the MSH. > > > Regards, > Marty > > > > ****************************************************************** > ******************* > > Martin W. Sachs > IBM T. J. Watson Research Center > P. O. B. 704 > Yorktown Hts, NY 10598 > 914-784-7287; IBM tie line 863-7287 > Notes address: Martin W Sachs/Watson/IBM > Internet address: mwsachs @ us.ibm.com > ****************************************************************** > ******************* > > > > Dick Brooks <dick@8760.com> on 05/16/2001 12:50:14 PM > > Please respond to dick@8760.com > > To: Martin W Sachs/Watson/IBM@IBMUS, ebxml-tp@lists.ebxml.org, > ebxml-transport@lists.ebxml.org > cc: Maryann Hondo/Austin/IBM@IBMUS > Subject: RE: Digital Envelope: Food for thought by the next generation > > > > Marty, > > It appears to me the Digital Envelope element is used to describe payload > packaging. If > my understanding is correct then I don't believe the Message Service (MS) > needs to know about the > Digital Envelope. It's whatever layer above the MS that is responsible for > packaging the > payload that needs this information. > > The MS spec assumes that a payload item is "packaged" for > transport and the > MS is only responsible > for "inserting" the payload into the ebXML Message as a MIME body > part. At > least that is my understanding. > > > Dick Brooks > Group 8760 > 110 12th Street North > Birmingham, AL 35203 > dick@8760.com > 205-250-8053 > Fax: 205-250-8057 > http://www.8760.com/ > > InsideAgent - Empowering e-commerce solutions > > > -----Original Message----- > > From: Martin W Sachs [mailto:mwsachs@us.ibm.com] > > Sent: Wednesday, May 16, 2001 9:17 AM > > To: ebxml-tp@lists.ebxml.org; ebxml-transport@lists.ebxml.org > > Cc: Maryann Hondo > > Subject: Digital Envelope: Food for thought by the next generation > > > > > > List-Unsubscribe: > > <mailto:ebxml-transport-request@lists.ebxml.org?body=unsubscribe> > > List-Archive: <http://lists.ebxml.org/archives/ebxml-transport> > > List-Help: <http://lists.ebxml.org/elists/admin_email.shtml>, > > <mailto:ebxml-transport-request@lists.ebxml.org?body=help> > > > > It was just pointed out to me by an IBM colleague that while the CPP/CPA > > specification includes a Digital Envelope element, the Message Service > > Specification says nothing about it. To me, this looks like a TRP-TP > > coordination item that fell through the cracks and should resurface in > the > > next life. > > > > Does anyone know if Digital Envelope is usable in spite of the > > fact that it > > isn't explicitly mentioned in the Message Service Specification? > > > > Regards, > > Marty > > > > ****************************************************************** > > ******************* > > > > Martin W. Sachs > > IBM T. J. Watson Research Center > > P. O. B. 704 > > Yorktown Hts, NY 10598 > > 914-784-7287; IBM tie line 863-7287 > > Notes address: Martin W Sachs/Watson/IBM > > Internet address: mwsachs @ us.ibm.com > > ****************************************************************** > > ******************* > > > > > > ------------------------------------------------------------------ > > To unsubscribe from this elist send a message with the single word > > "unsubscribe" in the body to: ebxml-transport-request@lists.ebxml.org > > > ------------------------------------------------------------------ > To unsubscribe from this elist send a message with the single word > "unsubscribe" in the body to: ebxml-transport-request@lists.ebxml.org > > ------------------------------------------------------------------ To unsubscribe from this elist send a message with the single word "unsubscribe" in the body to: ebxml-transport-request@lists.ebxml.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC