- From: Jean-Jacques Moreau <jean-jacques.moreau@crf.canon.fr>
- Date: Mon, 29 Sep 2003 17:13:32 +0200
- To: Marc Hadley <Marc.Hadley@Sun.COM>
- Cc: xml-dist-app@w3.org
Yes, an active intermediary could indeed fiddle with the message in various creative ways; so I think realistically we should soften the "MUST NOT be removed" into a "SHOULD NOT be removed".

Jean-Jacques.

Marc Hadley wrote:

> On Thursday, Sep 25, 2003, at 03:57 US/Eastern, Jean-Jacques Moreau wrote:
>
>>> *** 410 "The <wsse:Security> header block without a specified S:role
>>> MAY be consumed by anyone, but MUST NOT be removed prior to the final
>>> destination or endpoint." What does 'consumed' mean? SOAP 1.2 makes
>>> it clear that SOAP headers without a role attribute are equivalent
>>> to those with a role of
>>> "http://www.w3.org/2003/05/soap-envelope/role/ultimateReceiver". In
>>> both cases the ultimate receiver of the message is the target of the
>>> header block.
>>
>> An active intermediary could still consume the header block; this is
>> part of the processing model. So, unless WSS includes a special header
>> block to implement the above assertion, it cannot be fulfilled, I think.
>>
> I think the problem in the original text is the use of the word
> 'consumed' which implies removal; a forwarding intermediary should never
> be playing the ultimateReceiver role so the header block should never be
> removed until the message reaches the ultimate receiver.
>
> Active intermediaries can always change the message "in ways not
> described in the inbound SOAP message" so it's questionable that adding a
> special header block would help.
>
> Marc.

Received on Monday, 29 September 2003 11:13:45 UTC