Action-360 and Issue 5206

> ACTION-360 Asir to work with Chris, Ashok and
> Maryann on a concrete proposal for issue 5206

I am posting this mail on behalf of Asir, Ashok, Chris and Maryann. Please find below a concrete proposal to resolve issue 5206.

Regards,

Asir S Vedamuthu
Microsoft Corporation

---- proposal ----

Target: Guidelines document.

5.3.5 Order of Behaviors

A policy alternative is a collection of zero or more policy assertions. Assertions within a policy alternative are not ordered.

The order of assertions in a policy alternative and order in which behaviors (indicated by assertions) are applied are two distinct concepts. The order of assertions in a policy alternative has no bearing on the order in which behaviors are applied.

Specifying the order in which behaviors are applied is outside the scope of the Web Services Policy Framework. However, the Framework says that assertion authors can write assertions that indicate the order in which behaviors are applied.

According to the SOAP processing model, the order of headers and body processing (for behaviors such as addressing, security, reliability and transaction) is at the discretion of the SOAP node and SOAP-based protocols may be used to control the order of processing.

The Web Services Security specification provides producers with a choice of signing a message before encrypting or signing a message after encrypting. That is, WS-Security 1.1, section 8 says, lines 1173-1183 - says "Finally, if a producer wishes to sign a message before encryption, then following the ordering rules laid out in section 5, "Security Header", they SHOULD first prepend the signature element to the <wsse:Security> header, and then prepend the encryption element, ... Likewise, if a producer wishes to sign a message after encryption, they SHOULD first prepend the encryption element to the <wsse:Security> header, and then prepend the signature element."

The Web Services Security Policy specification provides assertions which let users control whether to sign the message before encrypting or sign it after encrypting.

In the example below, the SignBeforeEncrypting assertion requires producers to sign a message before encrypting.

Example 1

<Policy>
  <sp:AsymmetricBinding>
    <Policy>
     ...
     <sp:IncludeTimestamp />
     <sp:SignBeforeEncrypting />
     <sp:EncryptSignature />
     <sp:ProtectTokens />
   </Policy>
  </sp:AsymmetricBinding>
  <wsam:Addressing>...</wsam:Addressing>
  ...
</Policy>

In the example below, the EncryptBeforeSigning assertion requires producers to sign a message after encrypting.

Example 2

<Policy>
  <sp:AsymmetricBinding>
    <Policy>
     ...
     <sp:IncludeTimestamp />
     <sp:EncryptBeforeSigning />
     <sp:EncryptSignature />
     <sp:ProtectTokens />
   </Policy>
  </sp:AsymmetricBinding>
  <wsam:Addressing>...</wsam:Addressing>
  ...
</Policy>

Received on Wednesday, 24 October 2007 03:56:41 UTC