W3C home > Mailing lists > Public > public-ws-addressing@w3.org > January 2005

Re: Problems with the SOAP binding

From: Michael McIntosh <mikemci@us.ibm.com>
Date: Wed, 5 Jan 2005 16:15:15 -0500
To: Rich Salz <rsalz@datapower.com>
Cc: Jonathan Marsh <jmarsh@microsoft.com>, public-ws-addressing@w3.org, public-ws-addressing-request@w3.org
Message-ID: <OF700E3CF9.736D8263-ON85256F80.007452C0-85256F80.0074C0EC@us.ibm.com>





rsalz@datapower.com wrote on 01/03/2005 03:35:59 PM:

<snip/>
> More explicitly, the WS-I basic security profile says (R3207 in section
> 9.1.2), that all xenc:EncryptedKeys must be a child of the WSS header.
> So if a server wants to "statelessly" encrypt a refP so that it can
> decrypt it later, if has to put some information into the WSS header.
> I.e., encrypted refP's imply tight coupling to WSS.
<snip/>

This language has been "cleaned up" recently. The intent was not to limit
XML Encryption (or Signature) to only be used with WSS. It meant to say
that when XML Encryption is used with WSS and there is a related
xenc:EncryptedKey element that element must be a child of the wsse:Security
header.
Received on Wednesday, 5 January 2005 21:16:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:01 GMT