Use of WS-Security timestamp element

XMLWordPrintable

    • Type: Improvement
    • Resolution: Fixed
    • Priority: Major
    • Component/s: AS4 Profile, Core Spec
    • None
    • Hide

      Add another profiling rule (b) to section 5.1.3 of the AS4 profile stating:
      "When using a WS-Security header a sending MSH MAY insert a wsu:Timestamp element in this header. A receiving MSH must not reject messages for lacking a wsu:Timestamp element, i.e. it MUST NOT generate an error with severity FAILURE."

      Show
      Add another profiling rule (b) to section 5.1.3 of the AS4 profile stating: "When using a WS-Security header a sending MSH MAY insert a wsu:Timestamp element in this header. A receiving MSH must not reject messages for lacking a wsu:Timestamp element, i.e. it MUST NOT generate an error with severity FAILURE."

      We currently do not specify the use of WS-Security timestamps.

      In interop testing it turned out that one product uses it for duplicate elimination and expected it to be set.

      Should we clarify that the element is not required, or add a PMode parameter to have it configurable?

            Assignee:
            Unassigned
            Reporter:
            Pim van der Eijk (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: