- Type: Bug
- Status: New
- Priority: Major
- Resolution: Unresolved
- Component/s: AS4 Profile, Core Spec
- Labels: None

Proposal:
Section 7.5 of the Core Spec states:
An MSH Implementation may encrypt the eb:Messaging Container Element. It may also encrypt select child elements of the eb:Messaging header, leaving other elements unencrypted.
Section 5.1.6 of AS4 states:
If an AS4 user message is to be encrypted, AS4 MSH implementations MUST encrypt ALL payload parts. However, AS4 MSH implementations SHALL NOT encrypt the eb:Messaging header.
When we wrote this, it was (IIRC) our intention to rule out encryption of the eb:Messaging header as well as any of its child elements. However, the wording in AS4 only rules out encrypting the entire header and is silent about partial encrypting at child element level.
One AS4 implementation interpreted this as meaning that partial encryption is still allowed, as it is not explicitly ruled out in AS4 and possible in ebMS3.
That implementer also noted that full or partial encryption of the header is problematic. For example, a Receiving MSH may need to know which P-Mode to apply to an incoming message, which the headers in eb:Messaging normally facilitate, but can't if they're encrypted.
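
An added example, not part of this ticket or of either specification: a Python check that tells apart the cases discussed above (eb:Messaging in the clear, child elements encrypted, whole header encrypted). It assumes SOAP 1.2 envelopes and that element-level XML Encryption leaves an xenc:EncryptedData element where the encrypted element used to be; the function names and sample envelopes are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP = "http://www.w3.org/2003/05/soap-envelope"
EB = "http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/"
XENC = "http://www.w3.org/2001/04/xmlenc#"
ENC_DATA = f"{{{XENC}}}EncryptedData"

def encrypted_parents(elem, path):
    """Yield the path of every element that has an xenc:EncryptedData child."""
    for child in elem:
        if child.tag == ENC_DATA:
            yield path
        else:
            local = child.tag.rsplit("}", 1)[-1]
            yield from encrypted_parents(child, f"{path}/{local}")

def classify(envelope_xml):
    """Return (state, locations); state is clear, partial, whole or absent."""
    header = ET.fromstring(envelope_xml).find(f"{{{SOAP}}}Header")
    messaging = None if header is None else header.find(f"{{{EB}}}Messaging")
    if messaging is None:
        # Assumption: encrypting the whole element leaves xenc:EncryptedData
        # as a direct child of the SOAP header in place of eb:Messaging.
        whole = header is not None and header.find(ENC_DATA) is not None
        return ("whole" if whole else "absent", [])
    found = sorted(set(encrypted_parents(messaging, "Messaging")))
    return ("partial" if found else "clear", found)

def envelope(header_body):
    """Wrap a header fragment in a constructed SOAP 1.2 envelope."""
    return (f'<S:Envelope xmlns:S="{SOAP}" xmlns:eb="{EB}" xmlns:xenc="{XENC}">'
            f'<S:Header>{header_body}</S:Header><S:Body/></S:Envelope>')

# Constructed sample inputs; the cipher value is a dummy.
ENC = ("<xenc:EncryptedData><xenc:CipherData><xenc:CipherValue>AAAA"
       "</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>")
CLEAR = envelope("<eb:Messaging><eb:UserMessage><eb:CollaborationInfo>"
                 "<eb:Action>Submit</eb:Action></eb:CollaborationInfo>"
                 "</eb:UserMessage></eb:Messaging>")
PARTIAL = envelope("<eb:Messaging><eb:UserMessage>" + ENC +
                   "</eb:UserMessage></eb:Messaging>")
WHOLE = envelope(ENC)

if __name__ == "__main__":
    for name, doc in [("clear", CLEAR), ("partial", PARTIAL), ("whole", WHOLE)]:
        print(name, classify(doc))
```

The "partial" result is the case the AS4 wording is silent on: eb:Messaging is present, but the content a Receiving MSH would read under the reported location is no longer available to it before decryption.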