W3C home > Mailing lists > Public > public-ws-addressing@w3.org > February 2006

Encrytping WS-A headers

From: Arun Gupta <Arun.Gupta@Sun.COM>
Date: Thu, 23 Feb 2006 14:16:48 -0800
To: public-ws-addressing@w3.org
Message-id: <43FE3450.20000@sun.com>

Section 7.0 [1] of SOAP Binding says:

-- cut here --
WS-Addressing message addressing properties serialized as SOAP headers 
(wsa:To, wsa:Action et al.) including those headers present as a result 
of the [reference parameters] property should be integrity protected as 
explained in Web Services Addressing 1.0 - Core[WS-Addressing-Core].
-- cut here --

This does not restrict the sender of SOAP message to encrypt WS-A 
headers. If wsa:To is to be usable for routing then WS-A headers (esp 
wsa:To) must not be encrypted otherwise intermediaries wouldnt be able 
to route it.

I think WG should give some advice in the spec to that effect.


got Web Services ?
Download Java Web Services Developer Pack from
Received on Thursday, 23 February 2006 22:15:30 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:04:13 UTC