Yes, that is correct. Colm.
On Wed, Nov 6, 2013 at 1:26 PM, COURTAULT Francois < [email protected]> wrote: > Hello, > > > > Thanks for your reply. > > So, I have understood you well, this policy assertion doesn’t state if we > have or haven’t to include headers or body in the signature. It just > describes the way to proceed if we want to include a header or a body in > the signature: am I right ? > > > > Best Regards. > > > > *From:* Colm O hEigeartaigh [mailto:[email protected]] > *Sent:* mardi 5 novembre 2013 11:32 > *To:* COURTAULT Francois > *Cc:* [email protected] > *Subject:* Re: Question about OnlySignEntireHeadersAndBody policy > assertion > > > > It's explained in section 6.6 - "[Entire Header and Body Signatures] > Property". > > Your interpretation is not correct. Essentially what it means is that only > the SOAP Body, a SOAP Header, and/or a direct child of the security header > can be signed, nothing else. It doesn't actually require that any of them > actually be signed though. > > Colm. > > > > On Tue, Nov 5, 2013 at 9:32 AM, COURTAULT Francois < > [email protected]> wrote: > > Hello everyone, > > > > What is the meaning of OnlySignEntireHeadersAndBody policy assertion ? > > > > I looked at > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.html > . > > As we are using asymmetric binding, the only description I got in this > spec is : > > “/sp:AsymmetricBinding/wsp:Policy/sp:OnlySignEntireHeadersAndBody > > > > This optional element is a policy assertion that indicates that the > [Entire Header And Body Signatures] property is set to 'true'.” > > > > My interpretation of the sentence above is that, if this assertion is used > for a web service endpoint it means that the client has to generate a > signature for all SOAP headers and the body of the SOAP request he has to > send: am I right or wrong ? > > Best Regards. > > > ------------------------------ > > This message and any attachments are intended solely for the addressees > and may contain confidential information. Any unauthorized use or > disclosure, either whole or partial, is prohibited. > E-mails are susceptible to alteration. Our company shall not be liable for > the message if altered, changed or falsified. If you are not the intended > recipient of this message, please delete it and notify the sender. > Although all reasonable efforts have been made to keep this transmission > free from viruses, the sender will not be liable for damages caused by a > transmitted virus > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > > ------------------------------ > This message and any attachments are intended solely for the addressees > and may contain confidential information. Any unauthorized use or > disclosure, either whole or partial, is prohibited. > E-mails are susceptible to alteration. Our company shall not be liable for > the message if altered, changed or falsified. If you are not the intended > recipient of this message, please delete it and notify the sender. > Although all reasonable efforts have been made to keep this transmission > free from viruses, the sender will not be liable for damages caused by a > transmitted virus > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
