Re: soap-enc scenario

On Thursday 04 October 2001 16:13, Yves Lafon wrote:
> 1/ You can have only one body.
> You can either have one body containing the whole thing, targeted at one
> recipient, it will process the request as the ultimate recipient, then
> will issue another soap request to another one, this way you can do
> whatever you want in the body provided the recipient knows how to handle
> it.

I was hoping this is how my approach would be read. You're saying example 
2.1.1 in [1] is an invalid SOAP construction because of the nesting? That's 
sorta OK, because that's not the thing sent on the wire. 2.1.2 is sent on 
the wire, and the encrypted payload, when decrypted, yields a completely 
different SOAP message that is also sent along.

[1] 
http://lists.w3.org/Archives/Public/www-xenc-xmlp-tf/2001Sep/att-0000/01-soap-sec-scenarios.html

> Another way is to have multiple headers, each one representing one node
> on the path, with a header to decipher the body and forward to a specific
> next node.

This is counter to the requirement of the scenario. The point is for me to 
be able to send a message into a set of people that pass it along where 
each hop is encrypted, and eventually it pops out towards its destination 
(Alice.) If I have:

> <env:Header env:actor="http://example.org/xmlsec/Alice">
>   <ds:keyname>Alice</ds:keyname>
>   <ds:forward>http://example.org/xmlsec/John</ds:forward>
> </env:Header>
> <env:Header env:actor="http://example.org/xmlsec/John">
>   <ds:keyname>Alice</ds:keyname>
> </env:Header>

then an Eve's dropper would know that I'm sending messages to Alice via 
John. (Of course, the anonymous remailer scenario may be of practical 
interest to no one, it's just the one I'm familiar with.)

-- 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Friday, 21 December 2001 17:13:21 UTC
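The hop-by-hop construction Reagle describes above, where the message on the wire is one SOAP envelope for John whose encrypted payload decrypts to a separate SOAP envelope for Alice, can be modelled as layered authenticated encryption. The Go program below is an added example, not code from this thread or from the scenarios document: it assumes each hop already holds a pre-shared AES-256 key identified by name (standing in for `ds:keyname`), uses simplified illustrative element names rather than real XML Encryption syntax, and locates elements by string matching instead of an XML parser. It shows the property the mail is after: the outer envelope names only John, and Alice appears only after John has removed his layer.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// keyRing maps a key name to a pre-shared AES-256 key.
// Assumption (not from the thread): every hop already holds a symmetric key
// identified by name; key distribution is out of scope.
type keyRing map[string][]byte

// newKeyRing creates a fresh random key for each named node (constructed data).
func newKeyRing(names ...string) (keyRing, error) {
	ring := keyRing{}
	for _, n := range names {
		k := make([]byte, 32)
		if _, err := rand.Read(k); err != nil {
			return nil, err
		}
		ring[n] = k
	}
	return ring, nil
}

// seal encrypts plaintext with AES-256-GCM and returns base64(nonce || ciphertext).
func seal(key, plaintext []byte) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return "", err }
	gcm, err := cipher.NewGCM(block)
	if err != nil { return "", err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return "", err }
	return base64.StdEncoding.EncodeToString(gcm.Seal(nonce, nonce, plaintext, nil)), nil
}

// open reverses seal; a wrong key or any tampering fails authentication.
func open(key []byte, b64 string) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(b64)
	if err != nil { return nil, err }
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	gcm, err := cipher.NewGCM(block)
	if err != nil { return nil, err }
	if len(raw) < gcm.NonceSize() { return nil, errors.New("ciphertext too short") }
	return gcm.Open(nil, raw[:gcm.NonceSize()], raw[gcm.NonceSize():], nil)
}

// envelope builds a minimal SOAP-style message whose header names only the
// key of the one hop allowed to decrypt the body (element names are illustrative).
func envelope(keyName, cipherB64 string) string {
	return fmt.Sprintf("<env:Envelope><env:Header><ds:KeyName>%s</ds:KeyName></env:Header>"+
		"<env:Body><xenc:EncryptedData>%s</xenc:EncryptedData></env:Body></env:Envelope>", keyName, cipherB64)
}

// between returns the text between the first a and the following b, or "".
func between(s, a, b string) string {
	i := strings.Index(s, a)
	if i < 0 { return "" }
	s = s[i+len(a):]
	j := strings.Index(s, b)
	if j < 0 { return "" }
	return s[:j]
}

// Wrap encrypts payload in layers, innermost for the last hop on path, so the
// message that goes on the wire names only the first hop.
func Wrap(ring keyRing, path []string, payload string) (string, error) {
	msg := payload
	for i := len(path) - 1; i >= 0; i-- {
		key, ok := ring[path[i]]
		if !ok { return "", fmt.Errorf("no key for %q", path[i]) }
		ct, err := seal(key, []byte(msg))
		if err != nil { return "", err }
		msg = envelope(path[i], ct)
	}
	return msg, nil
}

// Peel is what one hop does: confirm the envelope is addressed to it, decrypt
// the body, and return the next SOAP message to forward.
func Peel(ring keyRing, node, env string) (string, error) {
	if got := between(env, "<ds:KeyName>", "</ds:KeyName>"); got != node {
		return "", fmt.Errorf("envelope addressed to %q, not %q", got, node)
	}
	pt, err := open(ring[node], between(env, "<xenc:EncryptedData>", "</xenc:EncryptedData>"))
	if err != nil { return "", err }
	return string(pt), nil
}

func main() {
	ring, _ := newKeyRing("John", "Alice")
	wire, _ := Wrap(ring, []string{"John", "Alice"}, "<env:Envelope><env:Body>hi Alice</env:Body></env:Envelope>")
	fmt.Println("on the wire:", wire)    // names John only
	atJohn, _ := Peel(ring, "John", wire) // John now sees an envelope for Alice
	fmt.Println("John forwards:", atJohn)
	final, _ := Peel(ring, "Alice", atJohn)
	fmt.Println("Alice reads:", final)
}
```

Two caveats worth keeping in mind when evaluating this approach: with pre-shared symmetric keys the route is hidden only from a passive observer who holds none of the keys, and each hop strips one fixed-size envelope, so message length alone still lets an observer correlate the message John receives with the one he sends on unless padding is added.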