[ogsa-wg] [AI:1368][AI:1369] additional descriptions for the keyinfo exchange
Takuya Mori
mori at mcs.anl.gov
Wed Apr 20 11:34:48 CDT 2005
Dear all,
The following is my draft for the additional descriptions for
the keyinfo exchange.
This is for the action item 1368 and 1369 of the basic profile
tracker.
Regard,
Takuya
----
8.1.6 Message Level Security
Section 8.1.5 defines the usage of XML Encryption as part
of the SOAP message security. This profile specifies how the
key information for the XML Enryption is exchanged.
R0813
When using Message Level Security, the ENDPOINTREFERENCE SHOULD
include xxx:KeyInfo element as defined in Appendix A.
R0814
When using XML Encryption as part of Message Level Security,
the RECEIVER SHOULD provide the key info for encrypting
incoming messages to the SENDER prior to the message sending
by the SENDER.
(More specifically,
- the instance should provide the encryption key as part of
its endpoint reference resolution and
- the consumer should provide the encryption key as part of
the endpoint reference in the request message.)
R0814
When using XML Encryption as part of Message Level Security,
the SENDER SHOULD use the key specified by xxx:KeyInfo element
in the endpoint reference of the receiver.
More information about the ogsa-wg
mailing list