Hello Colm, Thank you so much to clarify this for me :-)
Best Regards. -----Original Message----- From: Colm O hEigeartaigh [mailto:[email protected]] Sent: mercredi 6 novembre 2013 15:02 To: COURTAULT Francois Cc: [email protected] Subject: Re: Question about OnlySignEntireHeadersAndBody policy assertion Yes, that is correct. Colm. On Wed, Nov 6, 2013 at 1:26 PM, COURTAULT Francois < [email protected]> wrote: > Hello, > > > > Thanks for your reply. > > So, I have understood you well, this policy assertion doesn't state if > we have or haven't to include headers or body in the signature. It > just describes the way to proceed if we want to include a header or a > body in the signature: am I right ? > > > > Best Regards. > > > > *From:* Colm O hEigeartaigh [mailto:[email protected]] > *Sent:* mardi 5 novembre 2013 11:32 > *To:* COURTAULT Francois > *Cc:* [email protected] > *Subject:* Re: Question about OnlySignEntireHeadersAndBody policy > assertion > > > > It's explained in section 6.6 - "[Entire Header and Body Signatures] > Property". > > Your interpretation is not correct. Essentially what it means is that > only the SOAP Body, a SOAP Header, and/or a direct child of the > security header can be signed, nothing else. It doesn't actually > require that any of them actually be signed though. > > Colm. > > > > On Tue, Nov 5, 2013 at 9:32 AM, COURTAULT Francois < > [email protected]> wrote: > > Hello everyone, > > > > What is the meaning of OnlySignEntireHeadersAndBody policy assertion ? > > > > I looked at > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securityp > olicy-1.2-spec-os.html > . > > As we are using asymmetric binding, the only description I got in this > spec is : > > "/sp:AsymmetricBinding/wsp:Policy/sp:OnlySignEntireHeadersAndBody > > > > This optional element is a policy assertion that indicates that the > [Entire Header And Body Signatures] property is set to 'true'." > > > > My interpretation of the sentence above is that, if this assertion is > used for a web service endpoint it means that the client has to > generate a signature for all SOAP headers and the body of the SOAP > request he has to > send: am I right or wrong ? > > Best Regards. > > > ------------------------------ > > This message and any attachments are intended solely for the > addressees and may contain confidential information. Any unauthorized > use or disclosure, either whole or partial, is prohibited. > E-mails are susceptible to alteration. Our company shall not be liable > for the message if altered, changed or falsified. If you are not the > intended recipient of this message, please delete it and notify the sender. > Although all reasonable efforts have been made to keep this > transmission free from viruses, the sender will not be liable for > damages caused by a transmitted virus > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > > ------------------------------ > This message and any attachments are intended solely for the > addressees and may contain confidential information. Any unauthorized > use or disclosure, either whole or partial, is prohibited. > E-mails are susceptible to alteration. Our company shall not be liable > for the message if altered, changed or falsified. If you are not the > intended recipient of this message, please delete it and notify the sender. > Although all reasonable efforts have been made to keep this > transmission free from viruses, the sender will not be liable for > damages caused by a transmitted virus > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
