[ http://issues.apache.org/jira/browse/AXIS2C-263?page=comments#action_12433842 ]
            
James Clark commented on AXIS2C-263:
------------------------------------

For the purpose of designing replay detection, we should assume message 
integrity (from either transport-level security or digital signatures). If an 
attacker can modify the message, then they don't need to rely on replay, they 
can just send whatever message they want!

Have a configurable message lifetime (say 5 minutes by default).  

Reject any message without a message id (alternatively we could generate a 
message-id for any message that lacks one, by using the message's SHA-1 hash).

Reject any message without a timestamp (alternatively for a message without a 
timestamp, timestamp it with the current time).

Reject any message with a timestamp older than the configured lifetime.

Keep the message id of all messages in a database until their timestamp makes 
them older than the configured message lifetime.

Reject any message with a message id the same as any stored message.

The message store needs to be able to be on-disk and persistent. Applications 
should be able to plug in their storage technology of choice (e.g. sqlite, bdb, 
mysql). We can supply a default in-memory implementation, for now.

Does this make sense?

We should research how other technologies deal with replay detection (e.g. SSL, 
Kerberos 5).

> Replay detection needed
> -----------------------
>
>                 Key: AXIS2C-263
>                 URL: http://issues.apache.org/jira/browse/AXIS2C-263
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: rampart
>    Affects Versions: Current (Nightly)
>            Reporter: James Clark
>         Assigned To: Malinda Kaushalye Kapuruge
>            Priority: Critical
>
> You need to implement replay detection.  See section 13.2.1 of WS-Security 
> 2004.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
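
The scheme proposed in the comment above, sketched as a default in-memory store. This is an added example, not part of the original message and not Axis2/C or Rampart code; all names, the fixed-size table and the "0 means no timestamp" convention are assumptions, and the alternatives of generating an id or timestamp are not implemented.

```c
/* Added example: in-memory replay store. Not Axis2/C or Rampart code;
 * every name here is hypothetical. */
#include <stddef.h>
#include <string.h>
#include <time.h>

#define REPLAY_MAX_IDS 1024 /* assumed capacity */
#define REPLAY_ID_LEN  128  /* assumed maximum id length, including NUL */

typedef enum { REPLAY_OK, REPLAY_NO_ID, REPLAY_BAD_ID, REPLAY_NO_TIMESTAMP,
               REPLAY_EXPIRED, REPLAY_DUPLICATE, REPLAY_STORE_FULL } replay_result;

typedef struct {
    char   id[REPLAY_ID_LEN];
    time_t ts; /* message timestamp; 0 marks a free slot */
} replay_entry;

typedef struct {
    time_t       lifetime; /* configurable message lifetime in seconds */
    replay_entry slots[REPLAY_MAX_IDS];
} replay_store;

void replay_init(replay_store *s, time_t lifetime_secs) {
    memset(s, 0, sizeof *s);
    s->lifetime = lifetime_secs;
}

/* Check one message whose integrity was already verified. msg_id may be
 * NULL; ts == 0 means the message had no timestamp; now is the receiver's
 * clock. Future-dated timestamps are not bounded here. */
replay_result replay_check(replay_store *s, const char *msg_id,
                           time_t ts, time_t now) {
    replay_entry *free_slot = NULL;
    if (msg_id == NULL || *msg_id == '\0') return REPLAY_NO_ID;
    /* Truncating a long id would make distinct ids collide, so reject it. */
    if (strlen(msg_id) >= REPLAY_ID_LEN) return REPLAY_BAD_ID;
    if (ts == 0) return REPLAY_NO_TIMESTAMP;
    if (now - ts > s->lifetime) return REPLAY_EXPIRED;
    for (size_t i = 0; i < REPLAY_MAX_IDS; i++) {
        replay_entry *e = &s->slots[i];
        /* An id older than the lifetime can be dropped: a replay of that
         * message now fails the timestamp check above. */
        if (e->ts != 0 && now - e->ts > s->lifetime) e->ts = 0;
        if (e->ts == 0) { if (free_slot == NULL) free_slot = e; continue; }
        if (strcmp(e->id, msg_id) == 0) return REPLAY_DUPLICATE;
    }
    if (free_slot == NULL) return REPLAY_STORE_FULL; /* fail closed */
    strcpy(free_slot->id, msg_id);
    free_slot->ts = ts;
    return REPLAY_OK;
}
```

A persistent backend would keep the same check order and replace only the slot scan and insert.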

        
