Uploaded image for project: 'OASIS ebXML Messaging Services TC'
  1. OASIS ebXML Messaging Services TC
  2. EBXMLMSG-58

Use of WS-Security timestamp element

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Component/s: AS4 Profile, Core Spec
    • Labels:
      None
    • Proposal:
      Hide

      Add another profiling rule (b) to section 5.1.3 of the AS4 profile stating:
      "When using a WS-Security header a sending MSH MAY insert a wsu:Timestamp element in this header. A receiving MSH must not reject messages for lacking a wsu:Timestamp element, i.e. it MUST NOT generate an error with severity FAILURE."

      Show
      Add another profiling rule (b) to section 5.1.3 of the AS4 profile stating: "When using a WS-Security header a sending MSH MAY insert a wsu:Timestamp element in this header. A receiving MSH must not reject messages for lacking a wsu:Timestamp element, i.e. it MUST NOT generate an error with severity FAILURE."

      Description

      We currently do not specify the use of WS-Security timestamps.

      In interop testing it turned out that one product uses it for duplicate elimination and expected it to be set.

      Should we clarify that the element is not required, or add a PMode parameter to have it configurable?

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              pvde Pim van der Eijk
            • Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: