- From: Francisco Curbera <curbera@us.ibm.com>
- Date: Mon, 27 Jun 2005 14:00:59 -0400
- To: Francisco Curbera <curbera@us.ibm.com>
- Cc: public-ws-addressing@w3.org, public-ws-addressing-request@w3.org
Mark pointed out that the last proposal on the table was to drop the
paragraph and not replace it at all. We still think it should stay because
it does add an important clarification for those thinking in using
message_id for detecting replays.
Paco
Francisco
Curbera/Watson/IBM@IBMUS To: public-ws-addressing@w3.org
Sent by: cc:
public-ws-addressing-req Subject: Issue LC90
uest@w3.org
06/27/2005 01:16 PM
Issue LC90 proposes changing the following paragraph in the security
section,
"Some processors may use message identifiers ([message id]) as part of a
uniqueness metric in order to detect replays of messages. Care should be
taken to ensure that for purposes of replay detection, the message
identifier is combined with other data, such as a timestamp, so that a
legitimate retransmission of the message is not confused with a replay
attack."
to the alternate text,
"For purposes of reliability and security, the [message id] property SHOULD
regarded simply as another part of the message payload. It SHOULD NOT be
used as part of a uniqueness metric in order to detect replays of messages,
as a message with a given [message id] may be legitimately re-sent for
purposes of reliable transmission."
We think that there is no justification to say that you one cannot use
messageID as part of an uniqueness criterion for security purposes, so the
"SHOULD NOT" in the proposed text is unjustified. The original text is more
balanced, recognizing that message_if may be used and giving the right
advice if one chooses to do so.
I propose we close with no change.
Paco
Received on Monday, 27 June 2005 18:01:15 UTC