Proposing a wsa:Security element from Rich Salz on 2005-03-12 (public-ws-addressing@w3.org from March 2005)

From: Rich Salz <rsalz@datapower.com>
Date: Sat, 12 Mar 2005 00:29:51 -0500 (EST)
To: public-ws-addressing@w3.org
Message-ID: <Pine.LNX.4.44L0.0503120023330.1564-100000@smtp.datapower.com>

(wsa prefix means WS-Addressing and wsse prefix means WS-Security as
standardized at OASIS.)

I'd like to add a wsa:Security element to the EPR.  It is intended to
be used as a container for security information (signatures, keys, etc)
about the EPR.  When using the SOAP binding, the contents of the
wsa:Security element either become a wsse:Security element or are
inserted at the appropriate spot within an existing wsse:Security element.

I know that these are complicated ("screwy") semantics. But I think it's
really required to get secure WS-Addressing.
-- 
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html

Received on Saturday, 12 March 2005 05:29:56 UTC