OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-transport message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: Security protocols for TRP


Please see below.



Prasad Yendluri wrote:
> > >
> > >         1.      Will the layers above the TRP (e.g.. Application layer) know that the
> > > (received) message was signed and encrypted ?
> >
> > This depends. It is our intent to have the CPA define/describe the packaging
> > and security aspects that the parties agreed to employ. If the scheme
> > employed is to delegate the signing of the header/payload to the MSH
> > (using XMLDSIG) then the answer would be no, although we should probably
> > discuss how the MSH should interface with the application/application services
> > layer above to communicate signature validation info, etc.
> >
> > If the payload is signed/encrypted with a MIME-based approach (S/MIME
> > or PGP/MIME) then this is completely within the domain of the
> > application or application services layer to process (validate
> > signature and/or decrypt with private key, etc.)
> >
> > Again, our intent is to capture all of this information in the CPP/CPA.
> <PY> It is possible for the CPA to specify > 1 valid possibilities, including
> signing/encrypting/both and the specific mechanisms (S/MIME, PGP/MIME, XMLDSIG etc.) to be used.

That is the intent. Dale is working on the packaging profiles
which will be referenced from the CPP/CPA.

> Which particular one is employed by a message instance needs to be identified somewhere. CPP/CPA
> may not be enough. I think this needs to be captured in the envelope. </PY>

Interesting point. I think that we'll have to review this more closely
once Dale and I have finished our work on the CPP CPA and profiles
to make this determination.

org:Sun Microsystems, Inc;XTC Advanced Development
title:Sr. Staff Engineer
fn:Christopher Ferris

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Search: Match: Sort by:
Words: | Help

Powered by eList eXpress LLC