On 30/07/07, Glen Daniels <[EMAIL PROTECTED]> wrote: > Hi all! > > Please note in this discussion that there definitely are use cases where > the addressing handlers WILL be encrypted. The addressing WG > specifically discussed the idea that some users won't want information > such as the URL of the wsa:Action to be snoopable on the wire. This is > one of the reasons that the wsa:Action/soapAction relationship was > specified the way it was. > > We don't know whether this will become a common usage or not, but I > think we shouldn't completely rely on the fact that Addressing will > *always* be happening before decryption. If security is enabled > globally, this shouldn't be a problem, and even if it's > enabled/configured on a service/operation level, that just means we need > to do the dispatch using something like the transport URL, or another > accessible piece of information, before decrypting. > > Clearly there are a lot of moving parts, and a lot of valid > combinations. As long as a combination is coherent and makes all the > information needed at each phase available, we should be able to support it. > > I think David's call for use cases is perhaps the next thing we should > deal with, and I'd put forth "entire message including wsa headers is > encrypted, dispatch to service happens via URL".
Agreed, I think this is a reasonable use-case David -- David Illsley - IBM Web Services Development --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
