Hi all!
Please note in this discussion that there definitely are use cases where
the addressing handlers WILL be encrypted. The addressing WG
specifically discussed the idea that some users won't want information
such as the URL of the wsa:Action to be snoopable on the wire. This is
one of the reasons that the wsa:Action/soapAction relationship was
specified the way it was.
We don't know whether this will become a common usage or not, but I
think we shouldn't completely rely on the fact that Addressing will
*always* be happening before decryption. If security is enabled
globally, this shouldn't be a problem, and even if it's
enabled/configured on a service/operation level, that just means we need
to do the dispatch using something like the transport URL, or another
accessible piece of information, before decrypting.
Clearly there are a lot of moving parts, and a lot of valid
combinations. As long as a combination is coherent and makes all the
information needed at each phase available, we should be able to support it.
I think David's call for use cases is perhaps the next thing we should
deal with, and I'd put forth "entire message including wsa headers is
encrypted, dispatch to service happens via URL".
Thanks,
--Glen
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
