Chapter 4. Implementing ebMS Message-Level Security

4.1. Implementing ebMS Message-Level Security
4.1.1. Digitally Signing a STAR ebMS Message  

Use of a Digital Signature is optional for a specific STAR ebMS message exchange, but if a Digital Signature is applied to a message, the signature MUST be in full compliance with [XMLDSIG] and [ebMS version 2.0].

ebMS version 2.0 is very specific about how to apply Digital Signatures. Though multiple signatures are allowed, only the first signature is defined. The first signature is a signature over the SOAP Envelope (excluding the Signature elements themselves) and over all Attachments. In other words, the sender creates a digital signature over the SOAP Envelope and all payloads. ebMS also requires specific algorithms for canonicalization and transformation of the SOAP Envelope.
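The following is an added example, not part of this guideline or of the ebMS specification: a receiver-side check that the first `ds:Signature` references both the SOAP Envelope (`URI=""` with the XMLDSIG enveloped-signature transform) and every attachment. It assumes payloads are referenced by `cid:` URIs; the function name, sample message and Content-IDs are constructed, and the check covers reference coverage only, not cryptographic validity.

```python
import xml.etree.ElementTree as ET
from urllib.parse import unquote

DS = "http://www.w3.org/2000/09/xmldsig#"
ENVELOPED = DS + "enveloped-signature"  # transform URI defined by XMLDSIG

# Constructed sample: SignedInfo trimmed to the Reference elements only.
SAMPLE = f"""<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:ds="{DS}">
  <SOAP:Header>
    <ds:Signature>
      <ds:SignedInfo>
        <ds:Reference URI="">
          <ds:Transforms><ds:Transform Algorithm="{ENVELOPED}"/></ds:Transforms>
        </ds:Reference>
        <ds:Reference URI="cid:order@example.invalid"/>
      </ds:SignedInfo>
    </ds:Signature>
  </SOAP:Header>
  <SOAP:Body/>
</SOAP:Envelope>"""

def coverage_gaps(envelope_xml, attachment_cids):
    """Return coverage problems for the first ds:Signature; an empty list means
    the envelope and every listed attachment are referenced."""
    # Use a hardened XML parser instead when the input is untrusted.
    root = ET.fromstring(envelope_xml)
    sig = root.find(f".//{{{DS}}}Signature")  # first signature in document order
    if sig is None:
        return ["no ds:Signature present"]
    gaps, envelope_ok, signed_cids = [], False, set()
    for ref in sig.findall(f"{{{DS}}}SignedInfo/{{{DS}}}Reference"):
        uri = ref.get("URI")
        algs = [t.get("Algorithm") for t in ref.iter(f"{{{DS}}}Transform")]
        if uri == "":
            # Same-document reference: must exclude the Signature itself.
            envelope_ok = envelope_ok or ENVELOPED in algs
        elif uri and uri.startswith("cid:"):
            signed_cids.add(unquote(uri[4:]))
    if not envelope_ok:
        gaps.append("SOAP Envelope is not covered by an enveloped-signature reference")
    for cid in attachment_cids:  # Content-ID header values of the MIME parts
        if cid.strip("<>") not in signed_cids:
            gaps.append(f"attachment {cid} is not signed")
    return gaps
```

A message that passes this check still needs full XMLDSIG validation of each digest and of the signature value before its contents are trusted.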

A receiver MAY make use of ebXML CPA to associate a Digital Certificate with a sender.