W3C home > Mailing lists > Public > public-ws-addressing@w3.org > January 2005

ACTION 2004-12-20: Security of wrapper vs attribute

From: Rich Salz <rsalz@datapower.com>
Date: Mon, 10 Jan 2005 10:26:21 -0500
Message-ID: <41E29E9D.4000005@datapower.com>
To: "public-ws-addressing@w3.org" <public-ws-addressing@w3.org>

The issue that separates using a wrapper vs an attribute isn't one of 
security, but software engineering. :)  Both XML DSIG and XML Encryption 
can handle each type:
	wrapper -- Add an ID on the wrapped element, or put an ID on the 
wrapper and use an XPath expression to select the child of the wrapper. 
For encryption, do element-wise encryption of the wrapped element, 
replacing it with an xenc:EncryptedData element.
	attribute -- Add an ID on the element, and use an XPath expression to 
select everything but the ID attribute.  (If the subsystem doing 
WS-Addressing is also integrated with WS-Security, then the contents of 
the ID attribute can be known, and the XPath expression can be 
avoided.).  For encryption, do content-wise encryption -- this leaves 
any attributes on the header in the clear; we'd have to document that -- 
or do element-wise encryption, but re-add any actor/role attribute in 
cleartext.

I can create samples of these if desired.

As long as refp's are self-identifying, it is possible for a "generic' 
or loosely-coupled security facility to process them.  Most 
implementations will be less efficient signing or verifying a wrapper, 
because of the required XPath, but I don't think it's worth worrying about.

	/r$

-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html
Received on Monday, 10 January 2005 15:15:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:01 GMT