Copyright © 2002-2005 by The Web Services-Interoperability Organization (WS-I) and Certain of its Members. All Rights Reserved.
This document defines the WS-I Basic Security Profile 1.0, based on a set of non-proprietary Web services specifications, along with clarifications and amendments to those specifications which promote interoperability.
This document is a Working Group Draft; it has been accepted by the Working Group as reflecting the current state of discussions. It is a work in progress, and should not be considered authoritative or final; other documents may supersede this document.
The material contained herein is not a license, either expressly or impliedly, to any intellectual property owned or controlled by any of the authors or developers of this material or WS-I. The material contained herein is provided on an "AS IS" basis and to the maximum extent permitted by applicable law, this material is provided AS IS AND WITH ALL FAULTS, and the authors and developers of this material and WS-I hereby disclaim all other warranties and conditions, either express, implied or statutory, including, but not limited to, any (if any) implied warranties, duties or conditions of merchantability, of fitness for a particular purpose, of accuracy or completeness of responses, of results, of workmanlike effort, of lack of viruses, and of lack of negligence. ALSO, THERE IS NO WARRANTY OR CONDITION OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, CORRESPONDENCE TO DESCRIPTION OR NON-INFRINGEMENT WITH REGARD TO THIS MATERIAL.
IN NO EVENT WILL ANY AUTHOR OR DEVELOPER OF THIS MATERIAL OR WS-I BE LIABLE TO ANY OTHER PARTY FOR THE COST OF PROCURING SUBSTITUTE GOODS OR SERVICES, LOST PROFITS, LOSS OF USE, LOSS OF DATA, OR ANY INCIDENTAL, CONSEQUENTIAL, DIRECT, INDIRECT, OR SPECIAL DAMAGES WHETHER UNDER CONTRACT, TORT, WARRANTY, OR OTHERWISE, ARISING IN ANY WAY OUT OF THIS OR ANY OTHER AGREEMENT RELATING TO THIS MATERIAL, WHETHER OR NOT SUCH PARTY HAD ADVANCE NOTICE OF THE POSSIBILITY OF SUCH DAMAGES.
The Web Services-Interoperability Organization (WS-I) would like to receive input, suggestions and other feedback ("Feedback") on this work from a wide variety of industry participants to improve its quality over time.
By sending email, or otherwise communicating with WS-I, you (on behalf of yourself if you are an individual, and your company if you are providing Feedback on behalf of the company) will be deemed to have granted to WS-I, the members of WS-I, and other parties that have access to your Feedback, a non-exclusive, non-transferable, worldwide, perpetual, irrevocable, royalty-free license to use, disclose, copy, license, modify, sublicense or otherwise distribute and exploit in any manner whatsoever the Feedback you provide regarding the work. You acknowledge that you have no expectation of confidentiality with respect to any Feedback you provide. You represent and warrant that you have rights to provide this Feedback, and if you are providing Feedback on behalf of a company, you represent and warrant that you have the rights to provide Feedback on behalf of your company. You also acknowledge that WS-I is not required to review, discuss, use, consider or in any way incorporate your Feedback into future versions of its work. If WS-I does incorporate some or all of your Feedback in a future version of the work, it may, but is not obligated to include your name (or, if you are identified as acting on behalf of your company, the name of your company) on a list of contributors to the work. If the foregoing is not acceptable to you and any company on whose behalf you are acting, please do not provide any Feedback.
Feedback on this document should be directed to wsi_secprofile_comment@lists.ws-i.org.
1. Introduction
1.1. Guiding
Principles
2. Document
Conventions
2.1. Security
Considerations
2.2. Notational
Conventions
2.3. Profile
Identification and Versioning
3. Profile
Conformance
3.1. Conformance
Requirements
3.2. Conformance
Targets
3.3. Conformance
Scope
3.4. Claiming
Conformance
4. Transport
Layer Security
4.1. SSL
and TLS
4.1.1. Use
of SSL 2.0
4.2. Security
Considerations
4.2.1. SOAPAction
Header
5. SOAP
Message Security
5.1. Security
Tokens
5.1.1. Binary
Security Token EncodingType Attribute
5.1.2.
Binary
Security Token ValueType Attribute
5.2. SecurityTokenReferences
5.2.1. Internal
References
5.2.2. Shorthand
XPointer References
5.2.3. References
to Preceding Security Tokens
5.2.4. Direct
Preferred to Embedded for Internal References
5.2.5. Direct
Required When Possible for External References
5.2.6. Format
of Embedded References
5.2.7. Key
Identifier for External References
5.2.8. Key
Name References Prohibited
5.2.9. http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0-2005-01-20.html#KeyIdentifier/@ValueType_Attribute
5.2.10. Children
of wsse:Embedded
5.2.11. Reference
from wsse:SecurityTokenReference to
wsse:SecurityTokenReference
5.2.12. wsse:SecurityTokenReference/Reference
ValueType Attribute
5.2.13. wsse:SecurityTokenReference
constraints
5.2.14. wsse:SecurityTokenReference
Dereferencing Transform
5.3. Timestamps
5.3.1. wsu:Timestamp/wsu:Created
5.3.2. Occurence
constraints on wsu:Created and wsu:Expires
5.3.3. Value
constraints on wsu:Created and wsu:Expires
5.3.4. wsu:Timestamp
inside wsse:Security header
5.4. wsu:Id
References
5.4.1. wsu:Id
Attribute Uniqueness
5.5. wsse:Security
Processing Order
5.5.1. Order
of Processing
5.6. SOAP
Actor
5.6.1. SOAP
Actor Value
6. Username
Token Profile
6.1. Token
Usage
6.1.1. http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0-2005-01-20.html#wsse_UsernameToken/wsse_Password/@Type
6.1.2. PasswordDigest
6.1.3. ValueType
attribute
6.1.4. Reference
by KeyIdentifier
6.1.5. Key
Derivation
6.1.6. Sign
UsernameToken
7. X.509
Certificate Token Profile
7.1. Token
Types
7.1.1. Certificate
Path
7.1.2. KeyIdentifier
8.
XML-Signature
8.1. General
Constraints on XML Signature
8.1.1. Types
of Signatures
8.2. Element
References in XML Signature
8.2.1. Reference
to Elements by Shorthand XPointer
8.2.2. Reference
to Elements by XPath Expression
8.3. XML
Signature Algorithms
8.3.1. Use
Exclusive C14N
8.3.2. Transform
required
8.3.3. Permitted
algorithms
8.4. XML
Signature Syntax
8.4.1. ds:HMACOutputLength
8.4.2. ds:KeyInfo
8.4.3. ds:Manifest
8.5. Security
Considerations
8.5.1. Sign
Security Token
9. XML
Encryption
9.1. XML
Encryption Processing Model
9.1.1. xenc:ReferenceList
9.1.2. xenc:EncryptedKey
9.2. XML
Encryption Syntax
9.2.1. Placement
9.2.2. xenc:EncryptedKey
attributes
9.2.3. xenc:EncryptedData
attributes
9.2.4. References
from xenc:EncryptedData
9.2.5. xenc:EncryptionMethod
mandatory
9.2.6. http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0-2005-01-20.html#xenc_EncryptedKey/@Recipient
9.2.7. ds:KeyInfo/xenc:AgreementMethod
prohibited
9.2.8. xenc:EncryptedData
9.2.9. SOAP
Envelope
9.3. Element
References in XML Encryption
9.3.1. Reference
to Elements by Shorthand XPointer
9.4. XML
Encryption Algorithms
9.4.1. Permitted
Algorithms
9.5. Security
Considerations
9.5.1. Encrypt
DigestValue
10. Algorithms
10.1. Transport
Level Security Algorithms
10.1.1. Mandatory
ciphersuites
10.1.2. Recommended
ciphersuites
10.1.3. Discouraged
ciphersuites
10.1.4. Prohibited
ciphersuites
11. Relationship
of Basic Security Profile as an Extension to Basic Profile
11.1. Basic
Profile Clarifications
11.1.1. BP
Requirement R2301
11.1.2. BP
Requirement R2710
11.1.3. BP
Requirement R2712
11.1.4. BP
Requirement R2724
11.1.5. BP
Requirement R2725
11.1.6. BP
Requirement R2729
11.1.7. BP
Requirement R2738
11.1.8. BP
Requirement R1029
12. Attachment
Security
12.1. SOAP
with Attachments
12.1.1. Conformance
12.1.2. Scope
12.2. Signed
Attachments
12.2.1. Reference
12.2.2. Transform
12.3. Encrypted
Attachments
12.3.1. Reference
12.3.2. Content
13.
Security
Considerations
Appendix A: Referenced
Specifications
Appendix B: Extensibility
Points
Appendix C: Acknowledgements
This document defines the WS-I Basic Security Profile 1.0 (hereafter, "Profile"), consisting of a set of non-proprietary Web services specifications, along with clarifications to and amplifications of those specifications which promote interoperability.
Section 1, "Introduction," introduces the Profile and relates the philosophy that it takes with regard to interoperability.
Section 2, "Document Conventions," describes notational conventions utilized by this Profile.
Section 3, "Profile Conformance," explains what it means to be conformant to the Profile.
Each subsequent section addresses a component of the Profile, and consists of two parts: an overview detailing the component specifications and their extensibility points, followed by subsections that address individual parts of the component specifications. Note that there is no relationship between the section numbers in this document and those in the referenced specifications.
The Profile was developed according to a set of principles that, together, form the philosophy of the Profile, as it relates to bringing about interoperability. This section documents these guidelines.
This document follows conventions common to all WS-I profiles. These are described in the following sections.
The Profile will draw attention to security considerations; however, these are informational only and should be treated as non-normative. Adherence to these considerations does not guarantee security.
Security considerations are presented as follows:
Cnnnn Statement text here.
where "nnnn" is replaced by a number that is unique among the considerations in the Profile, thereby forming a unique consideration identifier.
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC2119.
Normative statements of requirements in the Profile (i.e., those impacting conformance, as outlined in "Conformance Requirements") are presented in the following manner:
RnnnnStatement text here.
where "nnnn" is replaced by a number that is unique among the requirements in the Profile, thereby forming a unique requirement identifier.
Requirement identifiers can be considered to be namespace qualified, in such a way as to be compatible with QNames from Namespaces in XML. If there is no explicit namespace prefix on a requirement's identifier (e.g., "R9999" as opposed to "bp10:R9999"), it should be interpreted as being in the namespace identified by the conformance URI of the document section it occurs in. If it is qualified, the prefix should be interpreted according to the namespace mappings in effect, as documented below.
Some requirements clarify the referenced specification(s), but do not place additional constraints upon implementations. For convenience, clarifications are annotated in the following manner: C
Some requirements are derived from ongoing standardization work on the referenced specification(s). For convenience, such forward-derived statements are annotated in the following manner: xxxx, where "xxxx" is an identifier for the specification (e.g., "WSDL20" for WSDL Version 2.0). Note that because such work was not complete when this document was publiished, the specification that the requirement is derived from may change; this information is included only as a convenience to implementers.
Extensibility points in underlying specifications (see "Conformance Scope") are presented in a similar manner:
EnnnnExtensibility Point Name - Description
where "nnnn" is replaced by a number that is unique among the extensibility points in the Profile. As with requirement statements, extensibility statements can be considered namespace-qualified.
This specification uses a number of namespace prefixes throughout; their associated URIs are listed below. Note that the choice of any namespace prefix is arbitrary and not semantically significant.
This document is identified by a name (in this case, Basic Security Profile) and a version number (here, 1.0). Together, they identify a particular profile instance.
Version numbers are composed of a major and minor portion, in the form "major.minor". They can be used to determine the precedence of a profile instance; a higher version number (considering both the major and minor components) indicates that an instance is more recent, and therefore supersedes earlier instances.
Instances of profiles with the same name (e.g., "Example Profile 1.1" and "Example Profile 5.0") address interoperability problems in the same general scope (although some developments may require the exact scope of a profile to change between instances).
One can also use this information to determine whether two instances of a profile are backwards-compatible; that is, whether one can assume that conformance to an earlier profile instance implies conformance to a later one. Profile instances with the same name and major version number (e.g., "Example Profile 1.0" and "Example Profile 1.1") MAY be considered compatible. Note that this does not imply anything about compatibility in the other direction; that is, one cannot assume that conformance with a later profile instance implies conformance to an earlier one.
Conformance to the Profile is defined by adherence to the set of requirements defined for a specific target, within the scope of the Profile. This section explains these terms and describes how conformance is defined and used.
Requirements state the criteria for conformance to the Profile. They typically refer to an existing specification and embody refinements, amplifications, interpretations and clarifications to it in order to improve interoperability. All requirements in the Profile are considered normative, and those in the specifications it references that are in-scope (see "Conformance Scope") should likewise be considered normative. When requirements in the Profile and its referenced specifications contradict each other, the Profile's requirements take precedence for purposes of Profile conformance.
Requirement levels, using RFC2119 language (e.g., MUST, MAY, SHOULD) indicate the nature of the requirement and its impact on conformance. Each requirement is individually identified (e.g., R9999) for convenience.
For example;
R9999 WIDGETs SHOULD be round in shape.
This requirement is identified by "R9999", applies to the target WIDGET (see below), and places a conditional requirement upon widgets; i.e., although this requirement must be met to maintain conformance in most cases, there are some situations where there may be valid reasons for it not being met (which are explained in the requirement itself, or in its accompanying text).
Each requirement statement contains exactly one requirement level keyword (e.g., "MUST") and one conformance target keyword (e.g., "MESSAGE"). The conformance target keyword appears in bold text (e.g. "MESSAGE"). Other conformance targets appearing in non-bold text are being used strictly for their definition and NOT as a conformance target. Additional text may be included to illuminate a requirement or group of requirements (e.g., rationale and examples); however, prose surrounding requirement statements must not be considered in determining conformance.
Definitions of terms in the Profile are considered authoritative for the purposes of determining conformance.
None of the requirements in the Profile, regardless of their conformance level, should be interpreted as limiting the ability of an otherwise conforming implementation to apply security countermeasures in response to a real or perceived threat (e.g., a denial of service attack).
Conformance targets identify what artifacts (e.g., SOAP message, WSDL description, UDDI registry data) or parties (e.g., SOAP processor, end user) requirements apply to.
This allows for the definition of conformance in different contexts, to assure unambiguous interpretation of the applicability of requirements, and to allow conformance testing of artifacts (e.g., SOAP messages and WSDL descriptions) and the behavior of various parties to a Web service (e.g., clients and service instances).
Requirements' conformance targets are physical artifacts wherever possible, to simplify testing and avoid ambiguity.
The following conformance targets are used in the Profile:
The scope of the Profile delineates the technologies that it addresses; in other words, the Profile only attempts to improve interoperability within its own scope. Generally, the Profile's scope is bounded by the specifications referenced by it.
The Profile's scope is further refined by extensibility points. Referenced specifications often provide extension mechanisms and unspecified or open-ended configuration parameters; when identified in the Profile as an extensibility point, such a mechanism or parameter is outside the scope of the Profile, and its use or non-use is not relevant to conformance.
Note that the Profile may still place requirements on the use of an extensibility point. Also, specific uses of extensibility points may be further restricted by other profiles, to improve interoperability when used in conjunction with the Profile.
Because the use of extensibility points may impair interoperability, their use should be negotiated or documented in some fashion by the parties to a Web service; for example, this could take the form of an out-of-band agreement.
The Profile's scope is defined by the referenced specifications in Appendix A, as refined by the extensibility points in Appendix B.
Claims of conformance to the Profile can be made using the following mechanisms, as described in Conformance Claim Attachment Mechanisms, when the applicable Profile requirements associated with the listed targets have been met:
The CCAM URI may change before final publication.
The conformance claim URI for this Profile is "http://ws-i.org/profiles/basic-security/core/1.0", with the following exceptions, which are associatedwith specific sections:
This section of the Profile incorporates the following specifications by reference, and defines extensibility points within them:
The following specifications (or sections thereof) are referred to in this section of the Profile:
SSL and TLS are both used as underlying protocols for HTTP/S. This profile places the following constraints on those protocols:
SSL 2.0 has known security issues and all current implementations of HTTP/S support more recent protocols. Therefore this profile prohibits use of SSL 2.0.
R2001 A SENDER MUST NOT use SSL 2.0 as the underlying protocol for HTTP/S
R2002 A RECEIVER MUST NOT use SSL 2.0 as the underlying protocol for HTTP/S
The following specifications (or sections thereof) are referred to in this section of the Profile:
HTTP headers are only protected when SSL or TLS is used, and even then only between adjacent SOAP nodes. This profile places the following constraints on the use of HTTP headers:
C2010 A SECURE_ENVELOPE SHOULD NOT be transmitted in an HTTP message containing a SOAPAction header in order to prevent processing based on this potentially unsecured value.
This section of the Profile incorporates the following specifications by reference, and defines extensibility points within them:
The following specifications (or sections thereof) are referred to in this section of the Profile:
This Profile places the following constraints on the use of Security Tokens:Base64Binary is the only encoding type specified by Web Services Security: SOAP Message Security. Explicit specification of default values simplifies XML processing requirements.
R3029 A SECURITY_TOKEN named wsse:BinarySecurityToken MUST specify an EncodingType attribute.
R3030 An EncodingType attribute of a SECURITY_TOKEN named wsse:BinarySecurityToken MUST have a value of "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary".
A BinarySecurityToken may specify its encoding type. The Profile restricts the encoding type to Base64Binary and requires its explicit specification.
INCORRECT:
<!-- This example is incorrect because the wsse:BinarySecurityToken element is missing an EncodingType attribute --> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken>
CORRECT:
<wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken>
There is no appropriate default for ValueType.
R3031 A SECURITY_TOKEN named wsse:BinarySecurityToken MUST specify a ValueType attribute.
R3032 An ValueType attribute of a SECURITY_TOKEN named wsse:BinarySecurityToken MUST have a value specified by the related security token profile.
R3033 A SECURITY_TOKEN named wsse:BinarySecurityToken containing a single X.509 Certificate MUST specify a ValueType attribute with the value "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509".
Web Services Security: SOAP Message Security allows for a BinarySecurityToken to optionally specify its ValueType. The Profile restricts the ValueType to one of those specified by a security token profile and requires its specification.
INCORRECT:
<!-- This example is incorrect because the wsse:BinarySecurityToken element is missing a ValueType attribute --> <wsse:BinarySecurityToken wsu:Id='SomeCert' EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken>
INCORRECT:
<!-- This example is incorrect because the ValueType attribute on the wsse:BinarySecurityToken element has an incorrect value. --> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://www.mta.org/NYC#SubwayToken" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken>
CORRECT:
<wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken>
The following specifications (or sections thereof) are referred to in this section of the Profile:
Web Services Security: SOAP Message Security defines a wsse:SecurityTokenReference element for use in SOAP messages. This Profile places the following constraints on its use:Reference by Key Identifier may be ambiguous.
R3022 When a SECURITY_TOKEN_REFERENCE references an INTERNAL_SECURITY_TOKEN which has a wsu:Id attribute, the reference MUST use either a Direct Reference or an Embedded Reference.
Direct and Embedded are preferred over Key Identifier References.
INCORRECT:
<!-- This example is incorrect because it refers to a wsse:BinarySecurityToken element which specifies a wsu:id attribute using a wsse:KeyIdentifier element rather than a wsse:Reference or wsse:Embedded element --> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <wsse:SecurityTokenReference> <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#X509SubjectKeyIdentifier"> MIGfMa0GCSq </wsse:KeyIdentifier> </wsse:SecurityTokenReference> </wsse:Security>
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </wsse:Security>
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:SecurityTokenReference> <wsse:Embedded wsu:Id="TheEmbeddedElementAroundSomeCert"> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> </wsse:Embedded> </wsse:SecurityTokenReference> </wsse:Security>
Constraining the number of different referencing mechanisms reduces complexity and thus improves interoperability. The wsse:BinarySecurityToken, the element which contains the security token, has a wsu:Id attribute allowing references to this token to use Shorthand XPointers.
R5204 When a SECURITY_TOKEN_REFERENCE uses a Direct Reference to an INTERNAL_SECURITY_TOKEN, it MUST use a Shorthand XPointer Reference.
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <xenc:EncryptedKey> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"/> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedKey> </wsse:Security>
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <rel:license xmlns:rel='urn:mpeg:mpeg21:2003:01-REL-R-NS' wsu:Id='SomeLic' licenseId='uuid:3D680C71-177B-40cc-84C1-123B02503524' > . . . </rel:license> <ds:Signature> . . . <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeLic' ValueType="http://docs.oasis-open.org/wss/2004/##/oasis-####-wss-REL-token-profile-1.0#license" /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security>
Ensuring that a security token appears before it is referenced means that the implementations already have the token in hand when it is needed to verify a signature or perform decryption.
R5205 An INTERNAL_SECURITY_TOKEN MUST precede the first SECURITY_TOKEN_REFERENCE that references it.
Any wsse:BinarySecurityToken element must appear before a referencing wsse:SecurityTokenReference element in document order.
INCORRECT:
<!-- This example is incorrect because the wsse:BinarySecurityToken with the wsu:Id of SomeCert appears after it is referenced from within the xenc:EncryptedKey element --> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <xenc:EncryptedKey> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"/> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedKey> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> </wsse:Security>
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <xenc:EncryptedKey> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"/> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedKey> </wsse:Security>
Since multiple security elements may reference a single token and processing of those elements may result in the removal of the element, consistent use of direct rather than embedded references simplifies processing.
R3023 Each SECURITY_TOKEN_REFERENCE that refers to an INTERNAL_SECURITY_TOKEN that is referenced several times SHOULD be a direct reference rather than an embedded reference.
Direct references are encouraged. Embedded references are discouraged.
INCORRECT:
<!-- This example is incorrect because it uses a wsse:Embedded element for the wsse:BinarySecurityToken with the wsu:Id of SomeCert. It is assumed that this token is referred to from several places elsewhere in the SOAP envelope ( not shown ) --> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:SecurityTokenReference> <wsse:Embedded wsu:Id="TheEmbeddedElementAroundSomeCert"> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> </wsse:Embedded> </wsse:SecurityTokenReference> </wsse:Security>
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </wsse:Security>
R3024 When a SECURITY_TOKEN_REFERENCE references an EXTERNAL_SECURITY_TOKEN that can be referred to using a Direct Reference, a Direct Reference MUST be used.
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:SecurityTokenReference> <wsse:Reference URI='http://www.ws-i.org/CertStore/Examples/BSP.PEM' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </wsse:Security>
R3025 When a wsse:Embedded element in a SECURITY_TOKEN_REFERENCE is used to specify an inline INTERNAL_SECURITY_TOKEN, its format MUST be the same as if the token were a child of a SECURITY_HEADER.
INCORRECT:
<!-- This example is incorrect because the wsse:Embedded element carries the data for the X.509 certificate directly rather than as a wsse:BinarySecurityToken element --> <wsse:SecurityTokenReference> <wsse:Embedded wsu:Id="SomeCert"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:Embedded> </wsse:SecurityTokenReference>
CORRECT:
<wsse:SecurityTokenReference> <wsse:Embedded wsu:Id="TheEmbeddedElementAroundSomeCert"> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> </wsse:Embedded> </wsse:SecurityTokenReference>
R3026 When a SECURITY_TOKEN_REFERENCE references an EXTERNAL_SECURITY_TOKEN that cannot be referred to using a Direct Reference but can be referred to using a Key Identifier or ds:X509Data/ds:X509IssuerSerial, a Key Identifier or ds:X509Data/ds:X509IssuerSerial MUST be used.
CORRECT:
<wsse:SecurityTokenReference> <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#X509SubjectKeyIdentifier" > MIGfMa0GCSq </wsse:KeyIdentifier> </wsse:SecurityTokenReference>
CORRECT:
<wsse:SecurityTokenReference> <ds:X509Data> <ds:X509IssuerSerial> <ds:X509IssuerName>CN=Security WG, OU=BSP, O=WS-I, C=US</ds:X509IssuerName> <ds:X509IssuerSerial>54A4E9</ds:X509IssuerSerial> </ds:X509IssuerSerial> </ds:X509Data> </wsse:SecurityTokenReference>
R3027 A SECURITY_TOKEN_REFERENCE MUST NOT use a Key Name to reference a SECURITY_TOKEN.
INCORRECT:
<!-- This example is incorrect because it uses a ds:KeyName element to refer to an X.509 certificate --> <wsse:SecurityTokenReference> <ds:KeyName>CN=Security WG, OU=BSP, O=WS-I, C=US</ds:KeyName> </wsse:SecurityTokenReference>
R3054 A wsse:KeyIdentifier element in a SECURITY_TOKEN_REFERENCE MUST specify a ValueType attribute.
R3063 A ValueType attribute on a wsse:KeyIdentifier element in a SECURITY_TOKEN_REFERENCE MUST have a value specified within the security token profile associated with the referenced SECURITY_TOKEN.
INCORRECT:
<!-- This example is incorrect because the wsse:KeyIdentifier element is missing a ValueType attribute --> <wsse:SecurityTokenReference> <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> MIGfMa0GCSq </wsse:KeyIdentifier> </wsse:SecurityTokenReference>
CORRECT:
<wsse:SecurityTokenReference> <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#X509SubjectKeyIdentifier" > MIGfMa0GCSq </wsse:KeyIdentifier> </wsse:SecurityTokenReference>
R3055 A wsse:Embedded element in a SECURE_ENVELOPE MUST NOT contain a wsse:SecurityTokenReference child element.
R3060 A wsse:Embedded element in a SECURE_ENVELOPE MUST contain a single child element for a security token from a token profile.
INCORRECT:
<!-- This example is incorrect because the wsse:Embedded element contains a wsse:SecurityTokenReference element --> <wsse:SecurityTokenReference> <wsse:Embedded wsu:Id="TheEmbeddedElementAroundSomeSTR"> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </wsse:Embedded> </wsse:SecurityTokenReference>
INCORRECT:
<!-- This example is incorrect because the wsse:Embedded element has multiple element children --> <wsse:SecurityTokenReference> <wsse:Embedded wsu:Id="TheEmbeddedElementAroundSomeCerts"> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <wsse:BinarySecurityToken wsu:Id='SomeOtherCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> </wsse:Embedded> </wsse:SecurityTokenReference>
CORRECT:
<wsse:SecurityTokenReference> <wsse:Embedded wsu:Id="TheEmbeddedElementAroundSomeCert"> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> </wsse:Embedded> </wsse:SecurityTokenReference>
R3056 A SECURITY_TOKEN_REFERENCE MUST NOT use a Direct Reference to another SECURITY_TOKEN_REFERENCE that does not have a wsse:Embedded child element.
R3064 When a SECURITY_TOKEN_REFERENCE uses a Direct Reference to an INTERNAL_SECURITY_TOKEN contained within an wsse:Embedded element of another SECURITY_TOKEN_REFERENCE, the reference MUST be to the contained INTERNAL_SECURITY_TOKEN not to the wsse:Embedded element.
INCORRECT:
<!-- This example is incorrect because the second wsse:SecurityTokenReference element refers to the wsse:SecurityTokenReference with an wsu:Id of TheFirstSTR --> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <wsse:SecurityTokenReference wsu:Id="TheFirstSTR"> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> <wsse:SecurityTokenReference> <wsse:Reference URI='#TheFirstSTR' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference>
CORRECT:
<wsse:SecurityTokenReference> <wsse:Embedded wsu:Id="TheEmbeddedElementAroundSomeCert"> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> </wsse:Embedded> </wsse:SecurityTokenReference> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference>
R3059 A wsse:Reference element in a SECURITY_TOKEN_REFERENCE MUST specify a ValueType attribute.
R3058 A wsse:Reference element in a SECURITY_TOKEN_REFERENCE MUST specify a ValueType attribute that matches any ValueType specified by a token profile for the the referenced SECURITY_TOKEN.
R3061 A SECURITY_TOKEN_REFERENCE MUST have exactly one child element.
R3062 A wsse:Reference element in a SECURITY_TOKEN_REFERENCE MUST specify a URI attribute.
R3065 When a SIGNATURE uses the SecurityTokenReference Dereferencing Transform, the ds:CanonicalizationMethod element MUST be present and wrapped in a wsse:TransformationParameters element.
The following specifications (or sections thereof) are referred to in this section of the Profile:
Web Services Security: SOAP Message Security defines a Timestamp element for use in SOAP messages. This Profile places the following constraints on its use:
The wsu:Created element represents the creation time of the security semantics. This element is REQUIRED and can only be specified once in a Timestamp element. Within the SOAP processing model, creation is the instant that the Infoset is serialized for transmission.
R3203 A TIMESTAMP MUST have exactly one wsu:Created element child.
INCORRECT:
<!-- This example is incorrect because the wsu:Timestamp element is missing a wsu:Created child element --> <wsu:Timestamp wsu:Id="timestamp"> <wsu:Expires>2001-10-13T09:00:00Z</wsu:Expires> </wsu:Timestamp>
CORRECT:
<wsu:Timestamp wsu:Id="timestamp"> <wsu:Created>2001-09-13T08:42:00Z</wsu:Created> <wsu:Expires>2001-10-13T09:00:00Z</wsu:Expires> </wsu:Timestamp>
R3223 A TIMESTAMP MUST NOT contain more than one wsu:Created element.
R3224 A TIMESTAMP MUST NOT contain more than one wsu:Expires element.
R3221 If a TIMESTAMP contains both a wsu:Created element and a wsu:Expires element they MUST appear in the order: wsu:Created then wsu:Expires.
R3213 A TIMESTAMP MUST NOT include wsu:Created or wsu:Expires values that specify leap seconds.
R3225 A wsu:Created element within a TIMESTAMP MUST NOT include a ValueType attribute.
R3226 A wsu:Expires element within a TIMESTAMP MUST NOT include a ValueType attribute.
R3217 A TIMESTAMP MUST only contain time instants in UTC format as specified by the XML Schema type (dateTime).
R3218 A SECURITY_HEADER MUST NOT contain a wsu:timestamp that is not its immediate child.
R3219 A SECURITY_HEADER MUST NOT contain more than one TIMESTAMP.
The following specifications (or sections thereof) are referred to in this section of the Profile:
Web Services Security: SOAP Message Security defines a wsu:Id element for use in SOAP messages. This Profile places the following constraints on its use:
R3204 Two wsu:Id attributes within any SECURE_ENVELOPE MUST NOT have the same value.
The following specifications (or sections thereof) are referred to in this section of the Profile:
Web Services Security: SOAP Message Security defines the order for processing signature and encryption blocks within wsse:Security headers. This Profile provides the following guidance:
R3212 Within a SECURITY_HEADER, all SIGNATURE, ENCRYPTED_KEY, and ENCRYPTION_REFERENCE_LIST elements MUST be ordered so a receiver will get the correct result by processing the elements in the order they appear.
The following specifications (or sections thereof) are referred to in this section of the Profile:
SOAP defines an actor attribute for use in SOAP headers. This Profile places the following constraints on its use:
R3206 Within a SECURE_ENVELOPE there MUST be at most one SECURITY_HEADER with the actor attribute omitted.
R3210 Within a SECURE_ENVELOPE there MUST be at most one SECURITY_HEADER with the same actor attribute value.
This section of the Profile incorporates the following specifications by reference:
To avoid ambiguity, the Type attribute must always be specified on the wsse:Password element of a wsse:UsernameToken
R4201 A wsse:UsernameToken/wsse:Password element in a SECURITY_HEADER MUST specify a Type attribute.
INCORRECT:
<!-- This example is incorrect because the wsse:Password element is missing a Type attribute with a value of http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText --> <wsse:UsernameToken xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' > <wsse:Username>Bert</wsse:Username> <wsse:Password>Ernie</wsse:Password> </wsse:UsernameToken>
INCORRECT:
< <!-- This example is incorrect because the wsse:Password element is missing a Type attribute with a value of http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest --> <wsse:UsernameToken xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' > <wsse:Username>Bert</wsse:Username> <wsse:Password>B5twk47KwSrjeg==</wsse:Password> </wsse:UsernameToken>
CORRECT:
<wsse:UsernameToken xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' > <wsse:Username>Bert</wsse:Username> <wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText'> Ernie </wsse:Password> </wsse:UsernameToken>
CORRECT:
<wsse:UsernameToken xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' > <wsse:Username>Bert</wsse:Username> <wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest'> B5twk47KwSrjeg== </wsse:Password> </wsse:UsernameToken>
R4212 When a wsse:Password element with a Type attribute with a value of "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest" is used within a SECURITY_TOKEN, its value MUST be computed using the following formula, where "+" indicates concatenation: Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) ). That is, concatenate the nonce, creation timestamp, and the password (or shared secret or password equivalent), digest the combination using the SHA-1 hash algorithm, then include the Base64 encoding of that result as the password (digest). Any elements that are not present are simply omitted from the concatenation.
R4214 When a SECURITY_TOKEN named wsse:UsernameToken is referenced by a SECURITY_TOKEN_REFERENCE then the wsse:SecurityTokenReference/wsse:Reference/@ValueType attribute MUST have a value of "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#UsernameToken".
R4215 When a SECURITY_TOKEN_REFERENCE refers to a wsse:UsernameToken, a KeyIdentifier reference MUST NOT be used.
The Username Token profile does not currently define a key derivation algorithm. The OASIS WSS TC is expected to address this issue sometime in the future.
C4210 Any SECURITY_TOKEN named wsse:UsernameToken that contains a wsse:Nonce element and a wsse:Password element with a Type attribute value of "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" SHOULD be referenced by a ds:Reference in a SIGNATURE in order to prevent replay.
C4211 Any SECURITY_TOKEN named wsse:UsernameToken that contains a wsu:Created element and a wsse:Password element with a Type attribute value of "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" SHOULD be referenced by a ds:Reference in a SIGNATURE in order to prevent replay.
This section of the Profile incorporates the following specifications by reference, and defines extensibility points within them:
The following specifications (or sections thereof) are referred to in this section of the Profile:
Web Services Security: X.509 Token Profile defines 3 token types: X509v3; x509PKIPathv1; and PKCS7. This Profile places the following constraints on their use:
Interoperability issues may arise if different forms of certificate path information are used when not expected. X509PKIPathv1 is preferred because it allows more efficient certificate path processing. PKCS7 is a more mature and widely implemented standard so it is also allowed.
R5201 When certificate path information is provided, a SENDER MUST provide one of the X509PKIPathv1 or PKCS7 token types.
R5202 When certificate path information is provided, a SENDER SHOULD provide the X509PKIPathv1 token type.
R5203 When certificate path information is provided, a RECEIVER MUST accept X509PKIPathv1 and PKCS7 token types.
R5206 When the wsse:KeyIdentifier element is used within a SECURITY_TOKEN_REFERENCE to specify a reference to an X.509 Certificate Token, the wsse:KeyIdentifier element MUST have ValueType attribute with the value http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#X509SubjectKeyIdentifier and its contents MUST be the value of the certificate's X.509 SubjectKeyIdentifier extension.
Web Services Security: SOAP Message Security builds on XML Signature, defining usage of various elements from XML Signature and a processing model. This Profile places the constraints defined in this section on the use of XML Signature with Web Services Security: SOAP Message Security. This Profile places no constraints on other use of XML Signature.
This section of the Profile incorporates the following specifications by reference:
Due to the nature of the SOAP processing model, which is based on recognising the elements that are children of soap:Header and/or soap:Body, use of enveloping signatures, where the signed XML is encapsulated in a ds:Signature element, is inappropriate. Enveloped signatures, where the ds:Signature element is a descendant of the signed element, limit the ability of intermediaries to process messages and should be avoided unless said limitation is the desired effect.
R3102 A SIGNATURE MUST NOT be an Enveloping Signature as defined by the XML Signature specification.
R3103 A SIGNATURE SHOULD be a Detached Signature as defined by the XML Signature specification.
R3104 A SIGNATURE SHOULD NOT be an Enveloped Signature as defined by the XML Signature Specification.
Detached signatures are encouraged. Enveloped signatures are discouraged. Enveloping signatures are not allowed.
INCORRECT:
<!-- This example is incorrect because it contains an enveloping signature around the SomeSecurityToken element --> <ds:Signature Id='TheSig' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse soap' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1' /> <ds:Reference URI='#SigPropBody'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>i3qi5GjhHnfoBn/jOjQp2mq0Na4=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>oxNwoqGbzqg1YBliz+PProgcjw8=</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"/> </wsse:SecurityTokenReference> </ds:KeyInfo> <ds:Object> <ds:SignatureProperties> <ds:SignatureProperty Id='SigPropBody' Target='#TheSig'> <SomeSecurityToken/> </ds:SignatureProperty> </ds:SignatureProperties> </ds:Object> </ds:Signature>
CORRECT:
<ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse soap' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1' /> <ds:Reference URI='#TheBody'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='soap wsu m' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>i3qi5GjhHnfoBn/jOjQp2mq0Na4=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>PipXJ2Sfc+LTDnq4pM5JcIYt9gg=</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature>
The following specifications (or sections thereof) are referred to in this section of the Profile:
Element references are used to specify which portions of a SECURE_ENVELOPE are integrity protected. This Profile places the following constraints on the use of element references:
R3001 When a ds:Reference in a SIGNATURE refers to an element that carries a wsu:Id attribute or a Local ID attribute defined by XML Signature or XML Encryption, a Shorthand XPointer Reference MUST be used to refer to that element.
R3003 When a ds:Reference/@URI in a SIGNATURE is a Shorthand XPointer Reference to an XML Signature element, the reference value MUST be a Local ID defined by XML Signature.
R3004 When a ds:Reference/@URI in a SIGNATURE is a Shorthand XPointer Reference to an XML Encryption element, the reference value MUST be a Local ID defined by XML Encryption.
R3005 When a ds:Reference/@URI in a SIGNATURE is a Shorthand XPointer Reference to an element not defined by XML Signature or XML Encryption, the reference value SHOULD be a wsu:Id.
Elements that do not have an attribute of type ID cannot be refered to by Shorthand XPointer References so a different referencing mechanism is needed. The XPath Filter 2.0 transform is more efficient than the original XPath transform from XML Digital Signature Syntax and Processing.
R3002 When referring to an element in a SECURE_ENVELOPE that does NOT carry an attribute of type ID from a ds:Reference in a SIGNATURE the XPath Filter 2.0 Transform (http://www.w3.org/2002/06/xmldsig-filter2) MUST be used to refer to that element.
INCORRECT:
<!-- This example is incorrect because it uses the http://www.w3.org/TR/1999/REC-xpath-19991116 transform to reference the Body which contains an ID attribute --> <soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope' > <soap:Header> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse soap wsu' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1' /> <ds:Reference URI=''> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/TR/1999/REC-xpath-19991116'> <ds:XPath>/soap:Envelope/soap:Body/*</ds:XPath> </ds:Transform> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='soap wsu m' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>VEPKwzfPGOxh2OUpoK0bcl58jtU=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>+diIuEyDpV7qxVoUOkb5rj61+Zs=</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> </soap:Header> <soap:Body xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' wsu:Id='TheBody'> <m:SomeElement xmlns:m='http://example.org/ws' /> </soap:Body> </soap:Envelope>
CORRECT:
<soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope' > <soap:Header> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse soap wsu' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1' /> <ds:Reference URI=''> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2002/06/xmldsig-filter2' xmlns:dsxp='http://www.w3.org/2002/06/xmldsig-filter2'> <dsxp:XPath Filter='intersect'>/soap:Envelope/soap:Body/*</dsxp:XPath> </ds:Transform> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='soap wsu m' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>VEPKwzfPGOxh2OUpoK0bcl58jtU=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>+diIuEyDpV7qxVoUOkb5rj61+Zs=</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> </soap:Header> <soap:Body xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' wsu:Id='TheBody'> <m:SomeElement xmlns:m='http://example.org/ws' /> </soap:Body> </soap:Envelope>
The use of Exclusive Canonicalization with c14n:InclusiveNamespaces/@Prefix addresses problems with both Inclusive Canonicalization and Exclusive Canonicalization without c14n:InclusiveNamespaces/@Prefix.
R5404 Any ds:CanonicalizationMethod/@Algorithm attribute in a SIGNATURE MUST have a value of "http://www.w3.org/2001/10/xml-exc-c14n#" indicating that is uses Exclusive C14N without comments for canonicalization.
R5406 Any ds:CanonicalizationMethod element within a SIGNATURE that has an @Algorithm attribute whose value is "http://www.w3.org/2001/10/xml-exc-c14n#" MUST have a c14n:InclusiveNamespaces child element with an @PrefixList attribute.
R5407 Any ds:Transform element within a SIGNATURE that has an @Algorithm attribute whose value is "http://www.w3.org/2001/10/xml-exc-c14n#" MUST have a c14n:InclusiveNamespaces child element with an @PrefixList attribute.
R5405 Any c14n:InclusiveNamespaces/@PrefixList attribute within a SIGNATURE MUST contain the prefix of all in-scope namespaces for the element being signed and its descendants that are not visibly utilized, per Exclusive XML Canonicalization Version 1.0.
R5408 Any c14n:InclusiveNamespaces/@PrefixList attribute within a SIGNATURE MUST contain the string "#default" if a default namespace is in-scope for the element being signed but is not visibly utilized, per Exclusive XML Canonicalization Version 1.0.
INCORRECT:
<!-- This example is incorrect because it uses the http://www.w3.org/TR/2001/REC-xml-c14n-20010315 canonicalization algorithm --> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315' />
INCORRECT:
<!-- This example is incorrect because the ds:CanonicalizationMethod elements are missing a c14n:InclusiveNamespaces child element --> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" ' />
INCORRECT:
<!-- This example is incorrect because the PrefixList of the first c14n:InclusiveNamespaces element does not contain the correct list of prefixes. It should contain the soap and wsu prefixes in addition to the wsse prefix. --> <soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope' > <soap:Header> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1' /> <ds:Reference URI='#TheBody'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='soap wsu m' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>VEPKwzfPGOxh2OUpoK0bcl58jtU=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>+diIuEyDpV7qxVoUOkb5rj61+Zs=</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> </soap:Header> <soap:Body xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' wsu:Id='TheBody'> <m:SomeElement xmlns:m='http://example.org/ws' /> </soap:Body> </soap:Envelope>
CORRECT:
<soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope' > <soap:Header> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse soap wsu' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1' /> <ds:Reference URI='#TheBody'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='soap wsu m' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>VEPKwzfPGOxh2OUpoK0bcl58jtU=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>+diIuEyDpV7qxVoUOkb5rj61+Zs=</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> </soap:Header> <soap:Body xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' wsu:Id='TheBody'> <m:SomeElement xmlns:m='http://example.org/ws' /> </soap:Body> </soap:Envelope>
Canonicalization is critical to ensuring signatures are processed correctly, thus each ds:Reference will need at least one ds:Transform to specify the Exclusive C14N Canonicalization transform or a transform which itself incorporates Exclusive C14N Canonicalization.
R5410 Any ds:Reference element in a SIGNATURE MUST have a ds:Transforms child element.
R5411 Any ds:Transforms element in a SIGNATURE MUST have at least one ds:Transform child element.
R5412 Any ds:Transforms element in a SIGNATURE MUST have as its last child a ds:Transform element which specifies Exclusive C14N Canonicalization as its output.
INCORRECT:
<!-- This example is incorrect because the ds:Reference element does not have a ds:Transforms child element --> <ds:Reference URI='#TheBody'> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>VEPKwzfPGOxh2OUpoK0bcl58jtU=</ds:DigestValue> </ds:Reference>
CORRECT:
<ds:Reference URI='#TheBody'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>+VTJraRYFT3pl7Z4uAWhmr5+bf4=</ds:DigestValue> </ds:Reference>
These algorithms are chosen for their cryptographic strength, utility or because they address some security concern.
R5420 Any ds:DigestMethod/@Algorithm element in a SIGNATURE MUST have the value "http://www.w3.org/2000/09/xmldsig#sha1"
R5421 Any ds:SignatureMethod/@Algorithm element in a SIGNATURE based on a symmetric key MUST have the value "http://www.w3.org/2000/09/xmldsig#hmac-sha1"
R5422 Any ds:SignatureMethod/@Algorithm element in a SIGNATURE based on an asymmetric key MUST have the value "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
R5423 Any ds:Transform/@Algorithm attribute in a SIGNATURE MUST have a value of "http://www.w3.org/2001/10/xml-exc-c14n#" or "http://www.w3.org/2002/06/xmldsig-filter2" or "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform" or "http://www.w3.org/2000/09/xmldsig#enveloped-signature" or "http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-swa-profile-1.0#Attachment-Content-Only-Transform" or "http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-swa-profile-1.0#Attachment-Complete-Transform"
CORRECT:
<soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope' > <soap:Header> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <xenc:EncryptedKey xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' > <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedKey> <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse soap' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#hmac-sha1' /> <ds:Reference URI='#TheBody'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>+VTJraRYFT3pl7Z4uAWhmr5+bf4=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>+diIuEyDpV7qxVoUOkb5rj61+Zs=</ds:SignatureValue> </ds:Signature> </wsse:Security> </soap:Header> <soap:Body xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' wsu:Id='TheBody'> <m:SomeElement xmlns:m='http://example.org/ws' /> </soap:Body> </soap:Envelope>
CORRECT:
<soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope' > <soap:Header> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'> <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse soap' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1' /> <ds:Reference URI='#TheBody'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>+VTJraRYFT3pl7Z4uAWhmr5+bf4=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>+diIuEyDpV7qxVoUOkb5rj61+Zs=</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> </soap:Header> <soap:Body xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' wsu:Id='TheBody'> <m:SomeElement xmlns:m='http://example.org/ws' /> </soap:Body> </soap:Envelope>
Editors' note:Update the SwA Profile URIs when final.
XML-Signature Syntax and Processing defines many elements and attributes. This Profile places the following constraints on the syntax of signatures:
The ds:HMACOutputLength provides an input parameter to the HMAC-SHA1 algorithm specifying how many bits of the output to use. Disallowing use of this element results in ALL the bits of the output being used.
R5401 The ds:HMACOutputLength element MUST NOT appear in a SIGNATURE.
INCORRECT:
<!-- This example is incorrect because the ds:SignatureMethod element has a ds:HMACOutputLength child element --> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#hmac-sha1'> <ds:HMACOutputLength>128</ds:HMACOutputLength> </ds:SignatureMethod>
CORRECT:
<ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#hmac-sha1' />
The ds:KeyInfo element allows for many different child elements. This profile mandates a single element and restricts the list to wsse:SecurityTokenReference, which is needed to reference security tokens, and ds:MgmtData, which is needed to include inline unencrypted key info. The latter would only be used when tranmission occurs over a secure transport.
R5402 A ds:KeyInfo element in a SIGNATURE MUST have exactly one child element.
R5424 A ds:KeyInfo element in an ENCRYPTED_KEY MUST have exactly one child element.
R5425 A ds:KeyInfo element in an ENCRYPTED_DATA MUST have exactly one child element.
R5409 The child element of a ds:KeyInfo element in a SIGNATURE MUST be either a SECURITY_TOKEN_REFERENCE or a ds:MgmtData element.
R5426 The child element of a ds:KeyInfo element in an ENCRYPTED_KEY MUST be either a SECURITY_TOKEN_REFERENCE or a ds:MgmtData element.
R5427 The child element of a ds:KeyInfo element in an ENCRYPTED_DATA MUST be either a SECURITY_TOKEN_REFERENCE or a ds:MgmtData element.
R5428 The child element of a ds:KeyInfo element in a SIGNATURE MUST be a SECURITY_TOKEN_REFERENCE if the ds:KeyInfo refers to a SECURITY_TOKEN.
R5429 The child element of a ds:KeyInfo element in a ENCRYPTED_KEY MUST be a SECURITY_TOKEN_REFERENCE if the ds:KeyInfo refers to a SECURITY_TOKEN.
R5430 The child element of a ds:KeyInfo element in a ENCRYPTED_DATA MUST be a SECURITY_TOKEN_REFERENCE if the ds:KeyInfo refers to a SECURITY_TOKEN.
CORRECT:
<ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo>
CORRECT:
<ds:KeyInfo> <ds:MgmtData>eMtKYL5PbZ59pu/zKtFkwQod0kA=</ds:MgmtData> </ds:KeyInfo>
The ds:Manifest element is designed for specific application level use cases that do not apply to the use of XML Signature in SOAP Message Security.
R5403 A SIGNATURE MUST NOT contain a ds:Manifest element.
INCORRECT:
<!-- This example is incorrect because the ds:Signature element has a ds:Manifest grandchild element --> <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#" '> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='wsse soap' /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1' /> <ds:Reference URI='#TheManifest'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>OVuYKGY6KCGB0l0XHS3krj8vjek=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>L7X0Zw23/zYQnX4+Z+p0gCygKQ0=</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <ds:Object> <ds:Manifest Id='TheManifest'> <ds:Reference URI='#TheBody'> <ds:Transforms> <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'> <c14n:InclusiveNamespaces xmlns:c14n='http://www.w3.org/2001/10/xml-exc-c14n#' PrefixList='' /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' /> <ds:DigestValue>+VTJraRYFT3pl7Z4uAWhmr5+bf4=</ds:DigestValue> </ds:Reference> </ds:Manifest> </ds:Object> </ds:Signature>
C5440 When the signer's SECURITY_TOKEN is an INTERNAL_SECURITY_TOKEN, the SIGNATURE SHOULD include a ds:Reference the refers to the signer's SECURITY_TOKEN in order to prevent substitution with another SECURITY_TOKEN that uses the same key. C
C5441 When the signer's SECURITY_TOKEN is an EXTERNAL_SECURITY_TOKEN, the SIGNATURE SHOULD include a ds:Reference that refers to the SECURITY_TOKEN_REFERENCE that refers to the signer's SECURITY_TOKEN using the Security Token Dereferencing Transform in order to prevent substitution of another SECURITY_TOKEN that uses the same key. C
Web Services Security: SOAP Message Security builds on XML Encryption, defining usage of various elements from XML Encryption and a processing model. This Profile places the constraints defined in this section on the use of XML Encryption with Web Services Security: SOAP Message Security. This Profile places no constraints on other use of XML Encryption.
This section of the Profile incorporates the following specifications by reference, and defines extensibility points within them:
Some encryption steps might not produce an xenc:ReferenceList. For those that do produce an xenc:ReferenceList, there must be a separate xenc:ReferenceList for each such encryption step. When there is a xenc:ReferenceList either as a child of wsse:Security or as a child of xenc:EncryptedKey it must list all the corresponding xenc:EncryptedData elements by using xenc:DataReference elements.
R3205 Each ENCRYPTION_REFERENCE_LIST produced as part of an encryption step MUST use a single key.
R3215 An ENCRYPTION_REFERENCE_LIST MUST contain an xenc:DataReference element for each ENCRYPTED_DATA produced in the associated encryption step.
R3214 An ENCRYPTED_KEY_REFERENCE_LIST MUST contain a xenc:DataReference for each ENCRYPTED_DATA produced in the associated encryption step.
To facilitate ease of processing, keys are required to appear inside wsse:Security headers and to appear before they are required for decryption of elements inside a wsse:Security header.
R3208 An ENCRYPTED_KEY MUST precede any ENCRYPTED_DATA referenced by the associated ENCRYPTED_KEY_REFERENCE_LIST.
INCORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <xenc:EncryptedData Id='Enc1'> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc' /> <xenc:CipherData> <xenc:CipherValue> 9jFtYcLSlDZQBMjKfT7ctg6Jy+6sC8YORhiPeTvOjug7ozY2SRHGuLt8G/vf2f/f4IdF0ewiDOpq... </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> <xenc:EncryptedKey> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> <xenc:ReferenceList> <xenc:DataReference URI='#Enc1' /> </xenc:ReferenceList> </xenc:CipherData> </xenc:EncryptedKey> </wsse:Security>
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <xenc:EncryptedKey> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI='#Enc1' /> </xenc:ReferenceList> </xenc:EncryptedKey> <xenc:EncryptedData Id='Enc1'> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc' /> <xenc:CipherData> <xenc:CipherValue> 9jFtYcLSlDZQBMjKfT7ctg6Jy+6sC8YORhiPeTvOjug7ozY2SRHGuLt8G/vf2f/f4IdF0ewiDOpq... </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </wsse:Security>
The following specifications (or sections thereof) are referred to in this section of the Profile:
XML Encryption Syntax and Processing defines many elements and attributes. This Profile places the following constraints on their use:
R3216 Any ENCRYPTED_KEY that is used in an encryption step MUST contain a ENCRYPTED_KEY_REFERENCE_LIST.
INCORRECT:
<!-- This example is incorrect because the xenc:EncryptedKey element is missing an xenc:ReferenceList child element --> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <xenc:EncryptedKey> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedKey> <xenc:ReferenceList> <xenc:DataReference URI='#Enc1' /> </xenc:ReferenceList> <xenc:EncryptedData Id='Enc1'> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc' /> <xenc:CipherData> <xenc:CipherValue> 9jFtYcLSlDZQBMjKfT7ctg6Jy+6sC8YORhiPeTvOjug7ozY2SRHGuLt8G/vf2f/f4IdF0ewiDOpq... </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </wsse:Security>
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <xenc:EncryptedKey> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI='#Enc1' /> </xenc:ReferenceList> </xenc:EncryptedKey> <xenc:EncryptedData Id='Enc1'> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc' /> <xenc:CipherData> <xenc:CipherValue> 9jFtYcLSlDZQBMjKfT7ctg6Jy+6sC8YORhiPeTvOjug7ozY2SRHGuLt8G/vf2f/f4IdF0ewiDOpq... </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </wsse:Security>
R3209 Any ENCRYPTED_KEY MUST NOT specify a Type attribute.
R5622 Any ENCRYPTED_KEY MUST NOT specify a MimeType attribute.
R5623 Any ENCRYPTED_KEY MUST NOT specify a Encoding attribute.
R5624 Any ENCRYPTED_DATA MUST have an Id attribute.
R3211 Any SECURITY_TOKEN_REFERENCE inside an ENCRYPTED_DATA MUST NOT reference a ds:KeyInfo element.
R5601 Any ENCRYPTED_DATA MUST have an xenc:EncryptionMethod child element.
R5603 Any ENCRYPTED_KEY MUST have an xenc:EncryptionMethod child element.
INCORRECT:
<!-- This example is incorrect because the xenc:EncryptedKey element is missing an xenc:EncryptionMethod child element --> <xenc:EncryptedKey> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI='#Enc1' /> </xenc:ReferenceList> </xenc:EncryptedKey>
INCORRECT:
<!-- This example is incorrect because the xenc:EncryptedData element is missing an xenc:EncryptionMethod child element --> <xenc:EncryptedData Id='Enc1'> <xenc:CipherData> <xenc:CipherValue> 9jFtYcLSlDZQBMjKfT7ctg6Jy+6sC8YORhiPeTvOjug7ozY2SRHGuLt8G/vf2f/f4IdF0ewiDOpq... </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData>
CORRECT:
<wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' > <wsse:BinarySecurityToken wsu:Id='SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"> lui+Jy4WYKGJW5xM3aHnLxOpGVIpzSg4V486hHFe7sHET/uxxVBovT7JV1A2RnWSWkXm9jAEdsm/... </wsse:BinarySecurityToken> <xenc:EncryptedKey> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI='#Enc1' /> </xenc:ReferenceList> </xenc:EncryptedKey> <xenc:EncryptedData Id='Enc1'> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc' /> <xenc:CipherData> <xenc:CipherValue> 9jFtYcLSlDZQBMjKfT7ctg6Jy+6sC8YORhiPeTvOjug7ozY2SRHGuLt8G/vf2f/f4IdF0ewiDOpq... </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </wsse:Security>
R5602 Any ENCRYPTED_KEY MUST NOT contain a Recipient attribute.
INCORRECT:
<!-- This example is incorrect because the xenc:EncryptedKey element has a Recipient attribute --> <xenc:EncryptedKey Recipient='Bert'> <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' /> <ds:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI='#SomeCert' ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue> XZEEVABD3L9G+VNTCDiDTE7WB1a4kILtz5f9FT747eE= </xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI='#Enc1' /> </xenc:ReferenceList> </xenc:EncryptedKey>
R5604 Any ds:KeyInfo elements in a ENCRYPTED_KEY MUST NOT have an xenc:AgreementMethod child element.
R5605 Any ds:KeyInfo elements in a ENCRYPTED_DATA MUST NOT have an xenc:AgreementMethod child element.
R5606 Within a SECURE_ENVELOPE, encrypted element or element content encrypted as a result of an encryption step MUST be replaced by a corresponding ENCRYPTED_DATA.
R5607 When encryption is used, the SECURE_ENVELOPE MUST still be a valid SOAP Envelope. Specifically, the Envelope, Header, or Body elements MUST NOT be encrypted.
R5608 When referring from an xenc:DataReference or xenc:KeyReference in an ENCRYPTION_REFERENCE_LIST to an element that carries a wsu:Id attribute or a Local ID attribute defined by either XML Signature or XML Encryption, a Shorthand XPointer Reference MUST be used to refer to that element.
R5613 When referring from a an xenc:DataReference or xenc:KeyReference in an ENCRYPTED_KEY_REFERENCE_LIST to an element that carries a wsu:Id attribute or a Local ID attribute defined by either XML Signature or XML Encryption, a Shorthand XPointer Reference MUST be used to refer to that element.
R3006 When a xenc:DataReference/@URI or xenc:KeyReference/@URI in a ENCRYPTION_REFERENCE_LIST is a Shorthand XPointer Reference to an XML Signature element, the reference value MUST be a Local ID defined by XML Signature.
R3007 When a xenc:DataReference/@URI or xenc:KeyReference in a ENCRYPTED_KEY_REFERENCE_LIST is a Shorthand XPointer Reference to an XML Signature element, the reference value MUST be a Local ID defined by XML Signature.
R5609 When an xenc:DataReference/@URI or xenc:KeyReference/@URI in an ENCRYPTION_REFERENCE_LIST is a Shorthand XPointer Reference to an XML Encryption element, the reference value MUST be a Local ID defined by XML Encryption.
R5610 When an xenc:DataReference/@URI or xenc:KeyReference/@URI in an ENCRYPTED_KEY_REFERENCE_LIST is a Shorthand XPointer Reference to an XML Encryption element, the reference value MUST be a Local ID defined by XML Encryption.
R5611 When an xenc:DataReference/@URI or xenc:KeyReference/@URI in an ENCRYPTION_REFERENCE_LIST is a Shorthand XPointer Reference to an element not defined by XML Signature or XML Encryption, the reference value SHOULD be a wsu:Id.
R5612 When an xenc:DataReference/@URI or xenc:KeyReference/@URI in an ENCRYPTED_KEY_REFERENCE_LIST is a Shorthand XPointer Reference to an element not defined by XML Signature or XML Encryption, the reference value SHOULD be a wsu:Id.
R5620 Any xenc:EncryptionMethod/@Algorithm attribute in an ENCRYPTED_DATA MUST have a value of "http://www.w3.org/2001/04/xmlenc#tripledes-cbc", "http://www.w3.org/2001/04/xmlenc#aes128-cbc" or "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
R5621 When used for Key Transport, any xenc:EncryptionMethod/@Algorithm attribute in an ENCRYPTED_KEY MUST have a value of "http://www.w3.org/2001/04/xmlenc#rsa-1_5" or "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
R5625 When used for Key Wrap, any xenc:EncryptionMethod/@Algorithm attribute in an ENCRYPTED_KEY MUST have a value of "http://www.w3.org/2001/04/xmlenc#kw-tripledes", "http://www.w3.org/2001/04/xmlenc#kw-aes128", or "http://www.w3.org/2001/04/xmlenc#kw-aes256"
C5630 A SIGNATURE computed over data that is subsequently encrypted SHOULD also be encrypted in order to prevent plaintext guessing attacks when the probable set of data values is small.
This section provides guidance, and in some cases requirements, concerning the use of various categories of algorithms.
In SSL and TLS, choices of algorithms are expressed as ciphersuites. The following subsections specify ciphersuites that are required, recommended, discouraged and prohibited, respectively. The use of any other ciphersuite not discussed below is optional.
R5701 A TLS-capable INSTANCE that is not FIPS compliant MUST support TLS_RSA_WITH_3DES_EDE_CBC_SHA
R5702 A SSL-capable INSTANCE that is not FIPS compliant MUST support SSL_RSA_WITH_3DES_EDE_CBC_SHA
R5703 A TLS-capable INSTANCE that is FIPS compliant MUST support TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
R5704 A SSL-capable INSTANCE that is FIPS compliant MUST support SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
As the AES encryption algorithm is intended to supercede the 3DES algorithm, it is recommended that TLS-capable implementations implement TLS_RSA_WITH_AES_128_CBC_SHA or the FIPS equivalent, and SSL-capable implementations implement SSL_RSA_WITH_AES_128_CBC_SHA or the FIPS equivalent.
The ciphersuites defined in the SSL and TLS specifications that use anonymous Diffie-Helman ( i.e. those that have DH_anon in their symbolic name ) are vulnerable to man-in-the-middle attacks. It is recommended that such ciphersuites be avoided.
This profile recommends against the use of the following ciphersuites due to their lack of confidentiality services:
It is also recommended that ciphersuites that use 40 or 56 bit keys be avoided, due to their relative ease of compromise through brute-force attack.
This profile does not prohibit the use of any transport layer security ciphersuites, but careful thought should be given prior to the use of any ciphersuites discussed under "Discouraged ciphersuites".
The Basic Security Profile is an extension profile to the Basic Profile. This means it is consistent with the Basic Profile but profiles additional functionality - how to add conformant security features to the basic profile when needed.
As an extension of the Basic Profile, the Basic Security Profile is designed to support the addition of security functionality to SOAP messaging, in an interoperable manner. One example of such functionality is the confidentiality of selected SOAP header blocks and SOAP body elements through the use of OASIS Web Services Security encryption. The intent of such techniques is to change the nature of the SOAP message so that unintended parties cannot read such content. This means that the secured SOAP message is no longer obviously related to the original WSDL description, and is not intelligible without decryption. Other security mechanisms such as signatures may also modify the content of SOAP envelopes.
The Basic Profile includes requirements on the content of SOAP envelopes (or in BP 1.0 the format of SOAP messages). Testing conformance to these statements by using a "man-in-the-middle" interceptor as outlined in the WS-I Monitor Tool Functional Specification will not be possible if encryption has been applied to portions of the SOAP envelope and have not yet been decrypted. Even if interception is possible, some messages may have a different structure due to security.
Such SOAP messages still conform to the Basic Profile, since conformance to the Basic Profile means conformance once a receiver has reversed security changes introduced by a message sender. This is not obvious in some Basic Profile requirements, so this document further clarifies these requirements in the normative "Basic Profile Clarifications" section below.
It is helpful to visualize a SOAP message in light of a protocol layering model, such as the ISO seven layer protocol model [ Tanenbaum ]. This model shows how a protocol is in fact composed of different layers, and how to a given layer underlying layers are transparent. The implementation of a given protocol layer at an endpoint may be modeled as that implementation consuming a service of the underlying protocol layer, and providing a service to the layer above it. In this model no protocol layer need be aware of layers above or below it, making the layer implementations independent. This is illustrated in Figure 1.
Figure 1: Protocol Stack with SOAP Message Security
Traditionally, protocol layers have been distinguished by the use of protocol enveloping, where the message at one layer is conveyed as the body in the next lower layer. The sender passes a message to the lower level protocol implementation that packages it in a protocol envelope and sends it to the corresponding layer in the receiver. The sender and receiver at this lower layer perform whatever processing is necessary for delivery according to the specification of that layer, and finally the receiver passes the message up to the peer of the sender.
SOAP Security may be viewed as a lower layer with respect to the more general SOAP web services application layer. Thus a SOAP sender may pass a SOAP message to a lower layer SOAP security implementation that applies encryption (for example), and sends the message to the destination SOAP Security layer, which removes the encryption before passing the message up to the peer SOAP web services application layer.
Thus a Basic Profile interceptor and compliance monitoring activity should logically occur at a receiver at the interface between the SOAP security implementation and SOAP web services application layer.
This section of the Profile incorporates the following specifications by reference:
This section clarifies the BP1.0 (including Errata), BP1.1, SSBP1.0, and AP1.0 statements that might be unclear when SOAP Message Security is applied in compliance with the Basic Security Profile.
This section lists each possibly confusing BP1.0, BP1.1, SSBP1.0, and AP1.0 requirement and an associated statement to clarify that requirement in the context of the basic security profile.
When these clarifying statements include the phrase "reverse SOAP Message Security" it means to remove various impacts of applying SOAP Message Security that may have been applied since the MESSAGE (BP1.0) or ENVELOPE (BP 1.1) was originally created for that recipient according to the BP. This may mean decrypting relevant portions of the XML or removing XML Signature elements or making other reverse transformations as appropriate to the aspects of SOAP Message Security that were applied in the specific circumstance.
Not all security must be reversed, only that for the intended recipient, as applied to the BP compliant envelope before sent to that recipient.
bp10:R2301 states "The order of the elements in the soap:body of a MESSAGE MUST be the same as that of the wsdl:parts in the wsdl:message that describes it."
bp11:R2301 states "The order of the elements in the soap:body of an ENVELOPE MUST be the same as that of the wsdl:parts in the wsdl:message that describes it."
R5800 bp10:R2301 MUST be true after any SOAP Message Security has been reversed for the MESSAGE
R5801 bp11:R2301 MUST be true after any SOAP Message Security has been reversed for the ENVELOPE
bp10:R2710 states "The operations in a wsdl:binding in a DESCRIPTION MUST result in operation signatures that are different from one another."
bp11:R2710 states "The operations in a wsdl:binding in a DESCRIPTION MUST result in operation signatures that are different from one another."
R5802 bp10:R2710 MUST be true after SOAP Message Security processing has been reversed for the MESSAGE
R5803 bp11:R2710 MUST be true after SOAP Message Security processing has been reversed for the ENVELOPE
bp10:R2712 states "A document-literal binding MUST be serialized as a MESSAGE with a soap:Body whose child element is an instance of the global element declaration referenced by the corresponding wsdl:message part."
bp11:R2712 states "A document-literal binding MUST be serialized as an ENVELOPE with a soap:Body whose child element is an instance of the global element declaration referenced by the corresponding wsdl:message part."
R5804 bp10:R2712 MUST be true after any SOAP Message Security has been reversed for the MESSAGE
R5805 bp11:R2712 MUST be true after any SOAP Message Security has been reversed for the ENVELOPE
bp10:R2724 states "If an INSTANCE receives a message that is inconsistent with its WSDL description, it SHOULD generate a soap:Fault with a faultcode of 'Client', unless a 'MustUnderstand' or 'VersionMismatch' fault is generated."
bp11:R2724 states "If an INSTANCE receives an envelope that is inconsistent with its WSDL description, it SHOULD generate a soap:Fault with a faultcode of 'Client', unless a 'MustUnderstand' or 'VersionMismatch' fault is generated."
R5806 For bp10:R2724 "Inconsistent" MUST be taken to mean "Inconsistent after SOAP Message security has been reversed", for the MESSAGE
R5807 For bp11:R2724 "Inconsistent" MUST be taken to mean "Inconsistent after SOAP Message security has been reversed", for the ENVELOPE
bp10:R2725 states "If an INSTANCE receives a message that is inconsistent with its WSDL description, it MUST check for "VersionMismatch", "MustUnderstand" and "Client" fault conditions in that order."
bp11:R2725 states "If an INSTANCE receives an envelope that is inconsistent with its WSDL description, it MUST check for "VersionMismatch", "MustUnderstand" and "Client" fault conditions in that order."
R5808 With respect to bp10:R2725 the INSTANCE must check for consistency of the MESSAGE per BP 1.0 after reversing SOAP Message Security.
R5809 With respect to bp11:R2725 the INSTANCE must check for consistency of the ENVELOPE per BP 1.1 after reversing SOAP Message Security.
bp10:R2729 states "A MESSAGE described with an rpc-literal binding that is a response message MUST have a wrapper element whose name is the corresponding wsdl:operation name suffixed with the string 'Response'."
bp11:R2729 states "An ENVELOPE described with an rpc-literal binding that is a response MUST have a wrapper element whose name is the corresponding wsdl:operation name suffixed with the string 'Response'."
R5810 With respect to bp10:R2729 the verification of the wrapper element name of the MESSAGE must be performed after reversing SOAP Message Security.
R5811 With respect to bp11:R2729 the verification of the wrapper element name of the ENVELOPE must be performed after reversing SOAP Message Security.
bp10:R2738 states "A MESSAGE MUST include all soapbind:headers specified on a wsdl:input or wsdl:output of a wsdl:operation of a wsdl:binding that describes it.
bp11:R2738 states "An ENVELOPE MUST include all soapbind:headers specified on a wsdl:input or wsdl:output of a wsdl:operation of a wsdl:binding that describes it."
R5812 With respect to bp10:R2738 verification of a MESSAGE must occur after SOAP Message Security has been reversed.
R5813 With respect to bp11:R2738 verification of an ENVELOPE must occur after SOAP Message Security has been reversed.
This clarifies the Basic Profile's R1029 to reflect the fact that transmission of security related faults may increase the vulnerablility to certain attacks and in some cases faults should not be transmitted.
R5814 Where the normal outcome of processing a SECURE_ENVELOPE would have resulted in the transmission of a SOAP Response, but rather a fault is generated instead, a RECEIVER MAY transmit a fault or silently discard the message.
This section of the Profile incorporates the following specifications by reference:
The section provides guidance for protecting attachments when they are used with SOAP Messages. As is explained in Section 3 Conformance all features described in this Profile, including support for attachments and security for attachments in any form by any instance is not required.
SSL/TLS may be used to provide authentication, integrity and confidentiality protection, on a hop-by-hop basis, for an entire HTTP Message. This includes HTTP Headers, the SOAP Envelope, and all MIME Parts including MIME Headers.
SSL/TLS does not provide protection, except between adjacent HTTP Nodes, for HTTP Messages when the SOAP Message Path contains SOAP Intermediaries. An instance should not use SSL/TLS without WSS with Message Exchange Patterns (MEPs) that may contain SOAP intermediaries or when these security functions are required to be performed independently of the connection.
WSS may be used to provide authentication, integrity and confidentiality protection for a subset of the SOAP Message and associated attachments.WSS provides protection for SOAP Messages and attachments when the SOAP Message Path contains SOAP Intermediaries. An instance should use WSS with MEPs that may contain SOAP Intermediaries or when these security functions are required to be performed independently of the transport layer connection.
An instance may use SSL/TLS in conjunction with WSS if warranted by application security requirements. This combination provides integrity and confidentiality protection for the entire HTTP Message (on a hop-by-hop basis) including HTTP Headers, SOAP Envelope, and all MIME Parts including MIME Headers.
Application level security mechanisms, including XML Signature, XML Encryption, PKCS#7, S/MIME, etc. for attachment data may also be used by a instance where appropriate, but statements regarding the interoperability of such mechanisms are out of scope for this Profile.
Attachment security conformance claim URIs (as defined in 12.1) constitute an extensibility point of the Basic Security Profile. Profiles for other mechanisms for dealing with attachments and attachment security MUST define a URI for claiming conformance.
This Profile describes one attachment security mechanism and URI.
The following specifications (or sections thereof) are referred to in this section of the Profile:
R6000 Conformance to this section of the profile MUST be indicated by placing a ConformanceClaim element on the wsdl:port or wsdl:binding (per BP 1.0 Section 3.3) in the WSDL DESCRIPTION of the service with the following URI: http://ws-i.org/profiles/basic-security/swa/1.0.
R6001 The SECURE_MESSAGE MUST conform to Attachments Profile 1.0.
R6002 A signed and/or encrypted MIME Part in a SECURE_MESSAGE MUST be at the same MIME level as the root MIME Part containing the SECURE_ENVELOPE.
R6003 A Root MIME Part of a SECURE_MESSAGE MUST NOT be signed or encrypted.
R6100 A signed MIME Part MUST be referenced from within the SECURE_ENVELOPE using a ds:Signature//ds:Reference element with a URI attribute of the "cid:partToBeSigned".
R6101 A ds:Reference within a SECURE_ENVELOPE to a signed MIME Part MUST use a MIME Part Reference Transform designated by the URI "...#Attachment-Content-Only-Transform" or "...#Attachment-Complete-Transform". This MIME Part Reference Transform and URI will be specified before the final version of this Profile is released. The anticipated venue to define this Transform is the OASIS WSS TC.
R6102 XML canonicalization MUST NOT be applied when signing MIME Parts in a SECURE_MESSAGE containing XML.
R6104 Signed non-XML MIME Parts in a SECURE_MESSAGE MUST be MIME canonicalized according to the requirements of the MIME Type.
R6105 Signed XML MIME Parts in a SECURE_MESSAGE (other than the Root MIME Part containing the Primary SOAP Envelope) MUST be MIME canonicalized according to the requirements of the "text" MIME Type.
R6106 When using the "...#Attachment-Complete-Transform" the MIME Part in a SECURE_MESSAGE MUST have a Content-Type header.
R6201 An encrypted MIME Part in a SECURE_MESSAGE MUST be referenced using an ENCRYPTED_DATA in the SECURE_ENVELOPE with a Type attribute with the value "...#Attachment-Content-Only" or "...#Attachment-Complete".
R6202 The ENCRYPTED_DATA element in a SECURE_ENVELOPE that references an encrypted MIME Part in a SECURE_MESSAGE MUST contain a xenc:CipherData/xenc:CipherReference element with a URI attribute having the same URI as the original MIME Part.
R6203 The content of an MIME Part in a SECURE_MESSAGE encrypted using WSS MUST be replaced by the result of encrypting the content of the MIME Part.
This section lists a number of security considerations that should be taken into account when using one or more of the technologies discussed in this profile.
The following specifications' requirements are incorporated into the Profile by reference, except where superseded by the Profile:
This section identifies extensibility points, as defined in "Scope of the Profile," for the Profile's component specifications.
These mechanisms are out of the scope of the Profile; their use may affect interoperability, and may require private agreement between the parties to a Web service.
In The TLS Protocol Version 1.0:
In The SSL Protocol Version 3.0:
In Web Services Security: SOAP Message Security:
In RFC2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile:
In XML Encryption Syntax and Processing:
This document is the work of the WS-I Basic Security Profiles Working Group, whose members have included:
Steve Anderson (OpenNetwork), Paula Austel (IBM), Siddharth Bajaj (Verisign), Frank Balluffi (Deutsche Bank), Abbie Barbir (Nortel Networks), David Baum (Kantega AS), Randy Bias (Grand Central Communications), Tim Bond (webMethods, Inc.), Heidi Buelow (Quovadx), David Burdett (Commerce One, Inc.), Ted Burghart (Hitachi, Ltd.) Symon Chang (Commerce One, Inc.), Richard Chennault, (Kaiser Permanente), Dipak Chopra (SAP AG), Jamie Clark (OASIS), Edward Cobb (BEA Systems, Inc.), David Cohen (Merrill Lynch), Brett Cooper, (Accenture), Ugo Corda (SeeBeyond Technology), Paul Cotton (Microsoft Corporation), Suresh Damodaran, (Rosettanet), Mark Davis (Sarvega, Inc.), Alex Deacon (Verisign), Thomas DeMartini (ContentGuard, Inc.), Blake Dournaee (Sarvega, Inc.), Rob Drew (Charlse Schwab), Gregory Elkins (Reed Elsevier), Mark Ericson (Mindreef), Jon Oyvind Eriksen (Kantega AS), Chris Ferris (IBM), Bob Freund, (Hitachi), Edwin Goei (Sun Microsystems), Grant Goodale (Reactivity, Inc.), Marc Goodner (SAP AG), Phil Goodwin (Sun Microsystems), Marc Graveline (Cognos, Inc.), Eric Gravengaard (Reactivity, Inc.), Thomas Gross (IBM), Martin Gudgin (Microsoft Corporation), Marc Hadley (Sun Microsystems), Mark Hapner (Sun Microsystems), Nathan Harris (Kaiser Permanente), Bret Hartman (Datapower Technology, Inc.), Frederick Hirsch (Nokia), Jason Hogg (Microsoft Corporation), Maryann Hondo (IBM), Lawrence Hsiung (Quovadx), Tony Huber (Commerce Quest), Jim Hughes (Hewlett-Packard), Michael Hui (Computer Associates), Brian Jackson (Avanade, Inc.), Steve Jenisch (SAS Institute), Erik Johnson (Epicor), Chris Kaler (Microsoft Corporation), Anish Karmarkar (Oracle Corporation), Dana Kaufman, (Forum Systems), Manveen Kaur (Sun Microsystems), Slava Kavsan (RSA Security), Paul Knight (Nortel Networks), Chris Kurt (Microsoft Corporation), Kelvin Lawrence (IBM), Hal Lockhart (BEA Systems), Brad Lund (Intel Corporation), Jim Luth (OPC Foundation), Paul Madsen (Entrust, Inc.), Eve Maler (Sun Microsystems), Skip Marler (Parasoft), Axl Mattheus (Sun Microsystems), Michael McIntosh (IBM), Craig Milhiser, (Ascential), Chris Miller (Accenture), Dale Moberg (Cyclone Commerce), Ron Monzillo (Sun Microsystems), K. Scott Morrison, (Layer 7) Tim Moses (Entrust, Inc.), Tony Nadalin (IBM), Nataraj Nagaratnam (IBM), Andrew Nash (RSA Security), Hsin Ning (Bestning Technologies), Eisaku Nishiyama (Hitachi, Ltd.), Mark Nottingham (BEA Systems, Inc.), TJ Pannu (ContentGuard, Inc.), Martine Pean (Quovadx), Robert Philpott (RSA Security), Dave Prout (BT), Joe Pruitt (F5 Networks, Inc.), Eric Rejkovic (Oracle Corporation), Matt Recupito (Accenture), Jason Rouault (Hewlett-Packard), Rich Salz (Datapower Technology, Inc.), Matt Sanchez (Webify Solutions, Inc. ), Jerry Schwarz (Oracle Corporation), Senthil Sengodan (Nokia), Shawn Sharp (Cyclone Commerce), Aslak Siira (F5 Networks, Inc.), David Solo (Citigroup, Inc. ), Davanum Srinivas (Computer Associates), Raghavan Srinivas (Sun Microsystems), John Stanton (Defense Information Systems Agency), Andrew Stone (Accenture), Julie Surer (MITRE), Wes Swenson (Forum Systems), Dino Vitale (Citigroup, Inc.), Jonathan Wenocur (Datapower Technology, Inc.), Pete Wenzel (SeeBeyond Technology), Ian White (Micro Focus)