Kaushalye Kapuruge wrote:
Hi List,
We are experiencing some problems encrypting messages with optimized
MTOM attachments. Say a client need to send an image(or binary
content) in a confidential way. And the optimization is set to TRUE.
In a normal scenario, where *no encryption* is available, the image
content is sent as a MIME attachment. But when it comes to encryption,
the serialization of the OM node (before the crypto process), doesn't
handle this optimization. Thus the image(or binary content) get lost.
So... my question is, if the sender needs to have MTOM optimization as
well as message level encryption at the same time, can we provide that?
I think we can live with the case, where we say, if you need encryption,
then you *have to use* non-optimized version of MTOM. What are the
expectations in this context when it comes to interop? I mean what do
the Java and .NET world do in case of secure MTOM?
If yes, please let me know.
If not, we have two approaches.
1. Mention this in the user guide, and say that if the confidentiality
is needed, set the optimization to FALSE.
2. If the user has set optimization to TRUE, we have to switch it to
FALSE behind the curtain and encrypt the *non-optimized* content.
Optionally we can optimize the CipherData contents as Rampart/Java does.
I think the second option is more practical. So +1 for approach 2.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
