AS4 ProfileFor OASIS ebXML Message Service 3.0

Subcommittee Draft 0.53, [Date TBD]Inline comments <JD> (September 268)

Document identifier:[filename TBD]

Location:[link TBD]

Editors:[TBD]

Contributors:[TBD]

Abstract:(Refer to Section Error: Reference source not found, Error: Reference source not found.)

Status:This document is submitted for approval as a committee draft specification.Committee members should send comments on this specification to the ebxml-iic@lists.oasis-open.org list. Others should subscribe to and send comments to the ebxml-iic-comment@lists.oasis-open.org list. To subscribe, send an email message to ebxml-iic-comment-request@lists.oasis-open.org with the word "subscribe" as the body of the message.For more information about this work, including any errata and related efforts by this committee, please refer to our home page at http://www.oasis-open.org/committees/ebxml-iic.

ebxml-iic-ebms2_deploy_template-spec-cd-11 20 June 2005Copyright © OASIS Open 2005. All Rights Reserved. Page 1 of 36

1

2

3

4

5

67

89

1011

1213

1415

16171819202122232425

12

Table of Contents1 Introduction............................................................................................................................ 42 AS4 Conformance Profiles for ebMS V3................................................................................5

2.1 The AS4 ebHandler Conformance Profile......................................................................52.1.1 Feature Set................................................................................................................52.1.2 WS-I Conformance Requirements.............................................................................62.1.3 Processing Mode Parameters...................................................................................7

2.2 The AS4 light Client Conformance Profile.....................................................................93 AS4 Deployment Profile of ebMS 3.0.....................................................................................9

3.1 Core Components/Modules...........................................................................................93.2 Additional Modules......................................................................................................113.3 Component/Module: Messaging Model.......................................................................12

3.3.1 Profile Requirement Item: Message Exchange Patterns (MEP) and Receipts........123.4 Component/Module: Processing Modes (put at the end).............................................12

3.4.1 Profile Requirement Item: P-Mode Parameters.......................................................123.5 Compoent/Module: Message Packaging.....................................................................13

3.5.1 Profile Requirement Item: Example Item #1............................................................133.6 Component/Module: Error Handling............................................................................14

3.6.1 Profile Requirement Item: Delivery Aware Errors....................................................143.7 Module: Security..........................................................................................................14

3.7.1 Profile Requirement Item: Security Element............................................................143.7.2 Profile Requirement Item: Signing Messages..........................................................153.7.3 Profile Requirement Item: Signing SOAP with Attachments Messages..................153.7.4 Profile Requirement Item: Encrypting Messages.....................................................163.7.5 Profile Requirement Item: Encrypting SOAP with Attachments Messages..............173.7.6 Profile Requirement Item: Security Token Authentication.......................................173.7.7 Profile Requirement Item: Message Authorization..................................................183.7.8 Profile Requirement Item: Securing the PullRequest..............................................183.7.9 Profile Requirement Item: Persistent Signed Receipt..............................................193.7.10 Profile Requirement Item: Persistent Authorization.............................................19

3.8 SOAP Extensions........................................................................................................203.8.1 Profile Requirement Item: #wildCard, Id..................................................................20

3.9 MIME Header Container..............................................................................................203.9.1 Profile Requirement Item: charset...........................................................................20

3.10 HTTP Binding..............................................................................................................213.10.1 Profile Requirement Item: HTTP Headers...........................................................213.10.2 Profile Requirement Item: HTTP Response Codes.............................................213.10.3 Profile Requirement Item: HTTP Access Control................................................223.10.4 Profile Requirement Item: HTTP Confidentiality and Security.............................22

3.11 Additional Features......................................................................................................233.11.1 Compression.......................................................................................................23

3.12 Operational Profile.......................................................................................................243.12.1 Deployment and Processing requirements for CPAs..........................................24

ebxml-iic-ebms2_deploy_template-spec-cd-11 20 June 2005Copyright © OASIS Open 2005. All Rights Reserved. Page 2 of 36

26

272829303132333435363738394041424344454647484950515253545556575859606162636465666768

34

3.12.2 Security Profile....................................................................................................243.12.3 Receipt Profile <JD> (need to move that up in Section 2)...................................253.12.4 Error Handling Profile..........................................................................................253.12.5 Message Payload and Flow Profile.....................................................................263.12.6 Additional Messaging Features beyond ebMS Specification...............................263.12.7 Additional Deployment or Operational Requirements.........................................27

4 References........................................................................................................................... 284.1 Normative....................................................................................................................284.2 Non-normative.............................................................................................................28

Appendix A. Acknowledgments.....................................................................................29Appendix B............................................................................................................................... 30Appendix C. Revision History........................................................................................31Appendix D. Notices......................................................................................................32

ebxml-iic-ebms2_deploy_template-spec-cd-11 20 June 2005Copyright © OASIS Open 2005. All Rights Reserved. Page 3 of 36

6970717273747576777879808182

8384858687

56

1 IntroductionThe AS4 profile of the ebMS V3 OASIS standard is intended to achieve the same functionality as AS2, while leveraging the features of the recent ebMS V3 standard. The main features of interest are compatibility with Web services standards, message pulling capability, and a built-in Receipt mechanism.

Profiling ebMS V3 means:- defining of a subset of ebMS V3 options to be supported by the AS4 handler,- deciding which types of message exchanges must be supported, and how these

exchanges should be conducted (level of security, binding to HTTP, etc.) - deciding of AS4-specific message contents and practices (how to make use of the ebMS

message header fields, in an AS4 context).- deciding of some operational best practices, for the end-user.

The overall goal of a profile for a standard is to ensure interoperability by:- Establishing particular usage and practices of the standard within a community of users, - Defining the subset of features in this standard that needs to be supported by an

implementation.

Two kinds of profiles are usually to be considered when profiling an existing standard:

1. Conformance Profiles. These define the different ways a product can conform to a standard, based on specific ways to use this standard. A conformance profile is usually associated with a specific conformance clause. Conformance profiles are of prime interest for product managers and developers: they define a precise subset of features to be supported.

2. Deployment Profiles. These define how a standard should be used by a community of users, in order to ensure best compatibility with business practices and interoperability. Deployment profiles are of prime interest for IT end-users: they define how to configure the use of a standard (and related product) as well as how to bind this standard to business applications. A deployment profile usually points at required or compatible conformance profile(s).

AS4 is defined as a combination of:- An AS4 Conformance Profile (see section …), that defines the subset of ebMS

V3 features to be supported by an AS4 implementation.- An AS4 Deployment Profile (section …) that defines how to use underlying ebMS

V3 features to achieve similar functions as specified in AS2.

8889909192

93949596979899100

101102103104105

106107

108109110111112113114115116117118119

120121122123124125

126127128129130

7

131

8

2 AS4 Conformance Profiles for ebMS V3

Two AS4 conformance profiles are defined below: <JD> or do we want only the first one ?(1) the AS4 ebHandler CP. This conformance profile supports both Sending and Receiving

roles, and for each role both message pushing and message pulling.(2) the AS4 light Client CP. This conformance profile supports both Sending and receiving

roles, but only message pushing for Sending and message pulling for Receiving. In other words, it does not support incoming HTTP requests, and may have no IP address.

Compatible existing conformance profiles for ebMS V3 are:- Gateway RM V3 or Gateway RX V3: a product implementing any of these profiles will also be conforming to the AS4 ebHandler CP (the reverse is not true).

2.1 The AS4 ebHandler Conformance ProfileThe AS4 ebHandler is identified by the URI:http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/cprofiles/200809/as4ebhandler

2.1.1 Feature Set

AS4 CP is defined as follows, using the table template and terminology provided in Appendix F (“Conformance”) of the core ebXML Messaging Services V3.0 specification [ebMS3].

Conformance Profile:AS4 ebHandler

Profile summary: <“Sending+Receiving” / “AS4 eb Handler” /Level 1 / HTTP1.1 + SOAP 1.2 + WSS1.1 >

Functional Aspects

Profile Feature Set

ebMS MEP Support for all ebMS simple MEPs, in both Sender or Receiver role:- One-way / Push,- One-way / Pull,

Regardless of which MEP is used, the sending of an eb:Receipt message must be supported:

- For the One-way / Push, both “response” and “callback” reply patterns must be supported.

- For the One-way / Pull, the “callback” pattern is the only viable option, and the User message sender MUST be ready to accept an eb:Receipt either piggybacked on a PullRequest, or sent separately. The User message receiver MUST be able to send an eb:Receipt separately from the PullRequest.

Use of the ebbpsig:NonRepudiationInformation element (as defined in

132

133134135136137138139

140141142143

144

145146147

148

149

150151152

153

9

[ebBP-SIG]) MUST be supported as content for the eb:Receipt message.

Reliability Support for the following QoS features for pushed or pulled ebMS messages: NoneThe use of eb:Receipt messages will provide delivery awareness to the User message sender. The semantics of sending back an eb:Receipt message is: a well-formed ebMS user message has been received and the MSH is taking responsibility for its processing, (no additional application-level delivery semantics, and no payload validation semantics).

No support for a WS reliable messaging specification is required although that is an option.

Security - Support for username / password token, digital signatures and encryption.- Support for content-only transforms.- Support for security of attachments required.- Support for message authorization at P-Mode level (see 7.10 in [ebMS3])

using wsse:UsernameToken profile, in particular authorization of the Pull signal for a particular MPC.

Error generation and reporting

- Capability of the Receiving MSH to report errors from message processing, either as ebMS error messages or as Faults to the Sending MSH. The following modes of reporting to Sending MSH are supported: (a) sending error as a separate request (ErrorHandling.Report.ReceiverErrorsTo=<URL of Sending MSH>), (b) sending error on the back channel of underlying protocol (ErrorHandling.Report.AsResponse="true").

- Capability to report to a third-party address (ErrorHandling.Report.ReceiverErrorsTo=<other address>).

- Capability of Sending MSH to report generated errors as notifications to the message producer (support for Report.ProcessErrorNotifyProducer="true")( e.g. delivery failure).

- Generated errors: All specified errors to be generated when applicable, except for EBMS:0010: On Receiving MSH, no requirement to generate error EBMS:0010 for discrepancies between message header and the following P-Mode features: P-Mode.reliability and P-Mode.security, but requirement to generate such error for other discrepancies.

Message Partition Channels

Support for additional message channels beside the default, so that selective pulling by a partner MSH is possible.

Message packaging

- Support for attachments required.- Support for MessageProperties required.- Support for processing messages that contain both a signal message unit

(eb:SignalMessage) and a user message unit (eb:UserMessage).

Interoperability Parameters

Transport: HTTP 1.1SOAP version: 1.2Reliability Specification: none.Security Specification: WSS1.0 and WSS 1.1. When using the One-way / Pull MEP, the response message must use by default the same WSS version as the request message. Otherwise, the version to be applied to a message is specified in the P-

10

Mode.security

2.1.2 WS-I Conformance RequirementsThe Web-Services Interoperability consortium has defined guidelines for interoperability of SOAP messaging implementations. In order to ensure maximal interoperability across different SOAP stacks, MIME and HTTP implementations, this conformance profile requires compliance with the following WS-I profiles:

Basic Security Profile (BSP) 1.1 [ WSIBSP11] Attachment Profile (AP) 1.0, [WSIAP10] with regard to the use of MIME and

SwA. Notes: Compliance with AP1.0 would normally require compliance with BP1.1, which in

turn requires the absence of SOAP Envelope in the HTTP response of a One-Way (R2714). However, recent BP versions such as BP1.2 [WSIBP12] override this requirement. Consequently, the AS4 ebHandler conformance profile does not require conformance to these deprecated requirements inherited from BP1.1 (R2714, R1143) regarding the use of HTTP.

The above WS-I profiles must be complied with within the scope of features exhibited by the AS4 ebHandler conformance profile. For example, since only SOAP 1.2 is required by AS4 ebHandler, the requirements from BSP 1.1 that depend on SOAP 1.1 would not apply. Similarly, none of the requirements for DESCRIPTION (WSDL) or REGDATA (UDDI) apply here, as these are not used.

This conformance profile may be refined in a future version to require conformance to the following WS-I profiles, once approved and published by WS-I:

Basic Profile 2.0 (BP2.0)iui

2.1.3 Processing Mode ParametersSummary of P-Mode parameters that must be supported by an implementation conforming to this profile. Fore each parameter, either: full support is required: an implementation is supposed to support the possible options for this

parameter. Support for a subset of values is required. No support is required: an implementation is not required to support the features controlled by

this parameter, and therefore not required to understand this parameter.

0. General PMode parameters: (PMode.ID: support not required) (PMode.Agreement: support not required) PMode.MEP: support for: http://www.oasis-open.org/committees/ebxml-msg/

{one-way, two-way} PMode.MEPbinding: support for:

http://www.oasis-open.org/committees/ebxml-msg/{ push, pull, sync} PMode.Initiator.Party: support required.

154155

156157158159160

161162163164

165166167168169170171172173174175176177

178

179

180181182183184185186187

188189

190191192193194195196

11

PMode.Initiator.Role: support required. PMode.Initiator.Authorization.username and

PMode.Initiator.Authorization.password: support for: wsse:UsernameToken. PMode.Responder.Party: support required. PMode.Responder.Role: support required. PMode.Responder.Authorization.username and

PMode.Responder.Authorization.password: support for: wsse:UsernameToken.

1. PMode[1].Protocol: PMode[1].Protocol.Address: support for “http” scheme. PMode[1].Protocol.SOAPVersion: support for SOAP 1.2.

2.PMode[1].BusinessInfo: PMode[1].BusinessInfo.Service: support required. PMode[1].BusinessInfo.Action: support required. PMode[1].BusinessInfo.Properties[]: support required. (PMode[1].BusinessInfo.PayloadProfile[]:not required) (PMode[1].BusinessInfo.PayloadProfile.maxSize: not required) PMode[1].BusinessInfo.MPC: support required.

3. PMode[1].ErrorHandling: (PMode[1].ErrorHandling.Report.SenderErrorsTo: support not required) PMode[1].ErrorHandling.Report.ReceiverErrorsTo: support required (for

address of the MSH sending the message in error or for third-party). PMode[1].ErrorHandling.Report.AsResponse: support required (true/false). (PMode[1].ErrorHandling.Report.ProcessErrorNotifyConsumer support not

required) PMode[1].ErrorHandling.Report.ProcessErrorNotifyProducer: support required

(true/false) PMode[1].ErrorHandling.Report.DeliveryFailuresNotifyProducer: support

required (true/false)

4. PMode[1].Reliability:None

5. PMode[1].Security: PMode[1].Security.WSSVersion: support required for: {1.0 , 1.1 } PMode[1].Security.X509.Sign: support required. PMode[1].Security.X509.Signature.Certificate: support required. PMode[1].Security.X509.Signature.HashFunction: support required. PMode[1].Security.X509.Signature.Algorithm: support required.

197198199200201202203204

205206

207208

209210

211212213214215216217

218

219220221222223224225226227228

229230

231

232233

234235236237238

12

PMode[1].Security. X509.Encryption.Encrypt: support required. PMode[1].Security.X509.Encryption.Certificate: support required. PMode[1].Security.X509.Encryption.Algorithm: support required. (PMode[1].Security.X509.Encryption.MinimumStrength: support not

required) PMode[1].Security.UsernameToken.username: support required. PMode[1].Security.UsernameToken.password: support required. PMode[1].Security.UsernameToken.Digest: support required (true/false) (PMode[1].Security.UsernameToken.Nonce: not required) PMode[1].Security.UsernameToken.Created: support required. PMode[1].Security.PModeAuthorize: support required (true/false) PMode[1].Security.SendReceipt: support required (true/false) Pmode[1].Security.SendReceipt.ReplyPattern: support required (both “response” and

“callback”))

2.2 The AS4 light Client Conformance ProfileThe AS4 light Client is identified by the URI:http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/cprofiles/200809/as4ebhandler

1.1.1 Feature Set

Conformance Profile:LHRM-CP

Profile summary: <“Sending+Receiving” / “ lighthandler-rm” /Level 1 / HTTP1.1 + SOAP 1.1>

Functional Aspects Profile Feature SetebMS MEP Support for One-way / Push (as initiator), and One-way / Pull (as

initiator).Regardless of which MEP is used, the sending of an eb:Receipt message must be supported:

- For the One-way / Push, the “response” reply pattern must be supported.

- For the One-way / Pull, the “callback” pattern is the only viable option, and the User message sender MUST be ready to accept an eb:Receipt either piggybacked on a PullRequest, or sent separately. The User message receiver MUST be able to send an eb:Receipt separately from the PullRequest.

(?) Use of the ebbpsig:NonRepudiationInformation element (as defined in [ebBP-SIG]) MUST be supported as content for the eb:Receipt message.

Reliability The use of eb:Receipt messages will provide delivery awareness to the User message sender. The semantics of sending back an eb:Receipt message is: a well-formed ebMS user message has been received and the MSH is taking responsibility for its processing, (no additional application-level delivery semantics,

239240241242243244245246247248249250251252

253

254255256

257

258

13

and no payload validation semantics).No support for a WS reliable messaging specification is required

although that is an option.

Security Support for username / password token: minimal support for wss:UsernameToken profile

Error reporting Support for error notification to the local message producer (e.g. reported failure to deliver pushed messages). Ability to report message processing errors for pulled messages to the remote party via Error messages (such an error may be bundled with another pushed message or a Pull signal.).

Message Partition Channels Sending on default message partition flow channel (no support for additional message partitions required.)

Message packaging No support for attachments required – i.e. the payload will use the SOAP body-, no support for MessageProperties required.

Interop Parameters Transport: HTTP 1.1SOAP version: 1.2WSS:. WSS1.1Reliability Specification: none

1.1.1 WS-I Conformance Requirements This conformance profile will require compliance with the following WS-I profile, once formally approved by WS-I (currently in Board approval draft status):

Basic Profile 2.0 [WSIBP20]Note: the above WS-I profile must be complied with within the scope of features exhibited by the AS4 Light Client ebMS conformance profile.

2.3 Conformance Profiles CompatibilityThe AS4 light Client is identified by the URI:

The AS4 profile is compatible with the following ebMS V3 conformance profiles, defined in [ebMS3-CP]:

Gateway RM V2/3 Gateway RM V3 Gateway RX V2/3 Gateway RX V3

AS4 may be deployed on any MSH that conforms to one of the above conformance profiles.

259

260261262263264265

266267

268269

270271272

273274275276

277278

14

3 AS4 Deployment Profile of ebMS 3.0

This section summarizes the which components and modules of the ebMS 3.0 Core Features are used in this profile (i.e. modules that business partners need to use or support in order to comply with the profile and communicate with others who do comply). For each used component/module, this section also specifies whether the component/module has been profiled or not. If yes, the profiling details are given in following section(s).

3.1 Core Components/ModulesComponent Name and Reference

Messaging Model (section 2)

Profiling Status

Usage: RequiredProfiled: Yes

Notes This Profile only supports the One-Way/Push MEP (Sync and Async) and the One-Way/Pull MEP.

Component Name and Reference

Message Pulling and Partitioning (section 3)

Profiling Status

Usage: RequiredProfiled: No

Notes This Profile supports Message Pulling and MPCs without any profiling points.

Component Name and Reference

Processing Modes (section 4)

Profiling Status

Usage: RequiredProfiled: Yes

Notes

Component Name and Reference

Message Packaging (section 5)

279

280281282283284285286

287

288

289

290

291

15

Profiling Status

Usage: RequiredProfiled: Yes

Notes Default business process that defines acceptable defaults for Role, Service, and ActionSubcommittee is considering not supporting Bundled Messages (piggybacking) for the One-Way/Pull MEP.

Component Name and Reference

Error Handling (section 6)

Profiling Status

Usage: RequiredProfiled: Yes

Notes Possible addition of some new Error Codes regarding Delivery Awareness

Module Name and Reference

Security Module (section 7)

Profiling Status

Usage: RequiredProfiled: Yes

Notes Guidance to be specified regarding which part(s) of the message to be encrypted and included in the signature. Further guidance to be specified on how to securitize the PullRequest Signal and the preventing of replay attacks since the Reliable Message module will not be used.

Module Name and Reference

Reliable Messaging Module (section 8)

Profiling Status

Usage: Not supported by this profileProfiled: No

Notes This profile does not support the use of the Reliable Messaging Module using either WS-ReliableMessaging or WS-Reliability. It furthermore supports a lighter version of RM called “Delivery Awareness”.

3.2 Additional Features <JD><JD> these modules are not part of the core spec, so I would not list them in this section.

Module Name and Reference

Compression Module (na)<JD> see proposed addition in Section 3 (“Additional Features”)

292

293

294

295

296297

16

Profiling Status

Usage: OptionalProfiled: Yes

Notes Guidance for compressing business payloads and how compressed payloads are packaged with respect to the Security Module will be described by its own Conformance Profile document.

Module Name and Reference

Delivery Awareness (na)

Profiling Status

Usage: OptionalProfiled: Yes

Notes Not sure if Delivery Awareness needs its own section in the profile<JD> Probably just a subsection. I have put some draft in Section 3.3 – maybe should go in Section 2.

3.3 Component/Module: Messaging Model

3.3.1 Profile Requirement Item: Message Exchange Patterns (MEP) and Receipts

Scope of the Profile Feature

Defines usage of ebMS MEPs, including Receipts.

Specification Feature

Specification Reference

ebMS v3.0, Section 2.2

Profiling (a) This profile supports the One-Way/Push MEP. Both synchronous <JD> synchronous responses? Isn’t that Two-way / sync MEP? and asynchronous transport channels for the response are supported by this profile.The Receiving MSH SHALL return the eb:Receipt, either on the HTTP response (back-channel) or using a separate connection, based on the PMode.Receipt.ReplyPattern parameter.

Profiling (b) This profile supports the One-Way/Pull MEP. The Receiving MSH SHALL return the eb:Receipt using a separate connection. Message bundling of eb:Receipts and PullRequests are not supported by this profile.

Test References

Notes Do we need to include the data flow diagrams that Jacques built?

298

299

300

301302

17

<JD> this can be useful.

3.4 Component/Module: Processing Modes (put at the end)

3.4.1 Profile Requirement Item: P-Mode ParametersSpecification Feature

Specification Reference

ebMS 3.0, Appendix D.3

Profiling (a) PMode.MEP parameter will be constrained to the following value:http://docs..oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/oneWay

Profiling (b) PMode.MEPbinding parameter will be constrained to the following values:http://docs..oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/pushhttp://docs..oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/pull

Profiling (c) PMode.Initiator.Role parameter will have the following default value:http://docs..oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/initiator

Profiling (d) PMode.Responder.Role parameter will have the following default value:http://docs..oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/responder

Profiling (e) PMode.Initiator.Role parameter will have the following default value:http://docs..oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/initiator<JD> duplicate.

Profiling (f) PMode[1].BusinessInfo.Service parameter will have the following default value:http://docs..oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/service<JD> Add a reminder that messages with this default value will NOT be delivered by the receiving MSH (only used for testing)..

Profiling (g) PMode[1].BusinessInfo.Action parameter will have the following default value:http://docs..oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/action<JD> For V3 implementations that automatically enforce the Core V3 default for this value (200704/test) it may be hard to implement this default?

Profiling (h) PMode[1].Reliability parameters are not supported by this profile

Alignment

Test References

Notes

303

304

305

18

3.5 Component/Module: Message Packaging

3.5.1 Profile Requirement Item: Example Item #1Specification Feature

Specification Reference

Profiling (a)

Profiling (b)

Profiling (c)

Alignment

Test References

Notes

3.6 Component/Module: Error Handling

3.6.1 Profile Requirement Item: Delivery Aware ErrorsSpecification Feature

Specification Reference

N/A

Profiling (a) <JD> this is where the values of the error handling PMode parameters that are expected to be used / supported by AS4 should be defined (e.g. PMode[1].Er-rorHandling.Report.ReceiverErrorsTo: are such errors always sup-posed to be sent back to the Sender?PMode[1].ErrorHandling.Report.AsResponse : should it be always « true » for one-way messages that have errors ?

Profiling (b) Is there any specific AS4 error to be supported besides EBMS:xxxx errors? (as the term “Delivery Aware” suggests)? E.g. if a Receipt could not be generated for some other reason than regular message processing errors? Or if a n AS4 handler has not received an expected Receipt (error for its Producer app)?

306

307

308

309

310

19

Profiling (c)

Alignment

Test References

Notes New Error Code(s) for Delivery Aware Errors TBD

3.7 Module: Security

3.7.1 Profile Requirement Item: Security ElementSpecification Feature

Specification Reference

ebMS v3.0, Section 7.1

Profiling (a) An AS4 MSH implementation is REQUIRED to use the Web Services Security X.509 Certificate Token Profile [WSS10-X509] or [WSS11-X509].

Alignment <JD> all external specs referenced should show up here (e.g. WSS)

Test References

Notes

3.7.2 Profile Requirement Item: Signing MessagesSpecification Feature

Specification Reference

ebMS v3.0, Section 7.2

Profiling (a) AS4 MSH implementations are REQUIRED to use Detached Signatures as defined by the XML Signature Specification [XMLDSIG] when signing AS4 user or signal messages. Enveloped Signatures as defined by [XMLDSIG] are not supported by (<JD>or authorized in) this profile.

311

312

313

314

20

Profiling (b) AS4 MSH implementations are REQUIRED to include the entire eb:MessagingContainer Element <JD> do not see eb:MessageContainer in V3 spec??? and the SOAP Body in the signature.

Alignment

Test References

Notes

3.7.3 Profile Requirement Item: Signing SOAP with Attachments Messages

Specification Feature

Specification Reference

ebMS v3.0, Section 7.3

Profiling (a) AS4 MSH implementations are REQUIRED to use the Attachment-Content-Only transform when building application payloads using SOAP with Attachments [SOAPATTACH]. The Attachment-Complete transform is not supported by this profile.

Profiling (b) AS4 MSH implementations are REQUIRED to include the entire eb:MessagingContainer Element <JD>??? and all MIME body parts of included payloads in the signature.

Alignment

Test References

Notes

3.7.4 Profile Requirement Item: Encrypting MessagesSpecification Feature

Specification Reference

ebMS v3.0, Section 7.4

315316

317

21

Profiling (a) AS4 MSH implementations are SHALL NOT encrypt the eb:PartyInfo section of the eb:Messaging header. Other child elements of the eb:Messaging header MAY be encrypted or left unencrypted as defined by trading partner agreements or collaboration profiles.

Profiling (b) If an AS4 user message is to be encrypted and the user-specified payload data is to be packaged in the SOAP Body, AS4 MSH implementations are REQUIRED to encrypt the SOAP Body.

Alignment

Test References

Notes

3.7.5 Profile Requirement Item: Encrypting SOAP with Attachments Messages

Specification Feature

Specification Reference

ebMS v3.0, Section 7.5

Profiling (a) If an AS4 user message is to be encrypted and the user-specified payload data is to be packaged in conformance with the [SOAPATTACH] specification, AS4 MSH implementations are REQUIRED to encrypt the MIME Body parts of included payloads.

Alignment

Test References

Notes

3.7.6 Profile Requirement Item: Security Token AuthenticationSpecification Feature

Specification Reference

ebMS v3.0, Section 7.7

318319

320

22

Profiling (a)

Alignment

Test References

Notes

3.7.7 Profile Requirement Item: Message AuthorizationSpecification Feature

Specification Reference

ebMS v3.0, Section 7.10

Profiling (a)<JD> should this be restricted to the wsse:UsernameToken as the only to-ken? And also should message authorization be only assumed for Pull signals (not for user messages)?

Note that this authorization requires a second wsse header from the one in 2.5.8.

Alignment

Test References

Notes

3.7.8 Profile Requirement Item: Securing the PullRequestSpecification Feature

Specification Reference

ebMS v3.0, Section 7.11.x

321

322

23

Profiling (a) An AS4 Sending MSH MUST authenticate a Receiving MSH that sends a PullRequest by using [WSS10-X509] or [WSS11-X509] coupled with the Message Partition Channel that a Pull signal is accessing for pulling messages.

Profiling (b) For trading communities that are concerned about the possible malignant capture and replay attack of a PullRequest, it is RECOMMENDED that trading PullRequest signals be sent using the HTTPS transport protocol with optional Client-side Authentication.

Alignment

Test References

Notes

3.7.9 Profile Requirement Item: Persistent Signed ReceiptSpecification Feature

Specification Reference

ebMS v3.0, Section 7.12..2

Profiling (a) An AS4 message that has been digitally signed MUST be acknowledged with a message containing an eb:Receipt signal that itself is digitally signed. The eb:Receipt MUST contain the information necessary to provide nonrepudiation of reciept of the original message.

Alignment

Test References

Notes

3.7.10 Profile Requirement Item: Persistent AuthorizationSpecification Feature

Specification ebMS v3.0, Section 7.12..7

323

324

24

Reference

Profiling (a)

Alignment

Test References

Notes

3.8 SOAP Extensions

3.8.1 Profile Requirement Item: #wildCard, IdSpecification Feature

Header elements:

Specification Reference

ebMS 2, section 2.3.6, 2.3.7, 2.3.8

Profiling (Section 2.3.6) #wildcard Element Content: Are additional namespace-qualified extension elements required? If so, specify.(Section 2.3.7) Is a unique “id” attribute required for each (or any) ebXML SOAP extension elements, for the purpose of referencing it alone in a digital signature?(Section 2.3.8) Is a version other than "2.0" allowed or required for any extension elements?

Alignment

Test References

Notes

325

326

327

25

3.9 MIME Header Container

3.9.1 Profile Requirement Item: charsetSpecification Feature

MIME Header elements:Content-Type

Specification Reference

ebMS 2, section 2.1.3.2

Profiling Is the "charset" parameter of Content-Type header necessary?If so, what is the (sub)set of allowed values?Example: Content-Type: text/xml; charset="UTF-8"

Alignment

Test References

Notes

3.10HTTP Binding

3.10.1 Profile Requirement Item: HTTP HeadersSpecification Feature

Header elements, MIME parts

Specification Reference

ebMS 2, Appendix B.2.2.

Profiling (a) Is a (non-identity) content-transfer-encoding required for any of the MIME multipart entities?

Profiling (b) If other than "ebXML" what must the SOAPAction HTTP header field contain?

328

329

330

331

332

333

26

Profiling (c) What additional MIME-like headers must be included among the HTTP headers?

Alignment

Test References

Notes

3.10.2 Profile Requirement Item: HTTP Response CodesSpecification Feature

Header elements, MIME parts

Specification Reference

ebMS 2, Appendix B.2.3.

Profiling What client behaviors should result when 3xx, 4xx or 5xx HTTP error codes are received?

Alignment

Test References

Notes

3.10.3 Profile Requirement Item: HTTP Access ControlSpecification Feature

Header elements, MIME parts

Specification Reference

ebMS 2, Appendix B.2.6.

Profiling Which HTTP access control mechanism(s) are required or allowed? [Basic, Digest, or client certificate (the latter only if transport-layer security is used), for example. Refer to item 4.1.4.8 in Security section.

Alignment Appears as AccessAuthentication elements in CPA.]

Test References

Notes

334

335

336

337

338

27

3.10.4 Profile Requirement Item: HTTP Confidentiality and Security

Specification Feature

Header elements, MIME parts

Specification Reference

ebMS 2, Appendix B.2.7.

Profiling (a) Is HTTP transport-layer encryption required?What protocol version(s)? [SSLv3, TLSv1, for example. Refer to item 4.1.4.6 in Security section.]

Profiling (b) What encryption algorithm(s) and minimum key lengths are required?

Profiling (c) What Certificate Authorities are acceptable for server certificate authentication?

Profiling (d) Are direct-trust (self-signed) server certificates allowed?

Profiling (e) Is client-side certificate-based authentication allowed or required?

Profiling (f) What client Certificate Authorities are acceptable?

Profiling (g) What certificate verification policies and procedures must be followed?

Alignment

Test References

Notes

3.11 Additional Features

These features represent capabilities beyond what the AS4 conformance profile for ebMS V3 (defined in Section 2) is requiring, as they are not specified in the ebMS V3 standard.

3.11.1CompressionMessage Compression Profile requirements

339340

341

342

343344345

346

28

Which method is used? Guidance for compressing business payloads and how compressed payloads are packaged with respect to the Security Module will be described by its own Conformance Profile document<JD> need be more specific here?

How is compression indicated in the message? In the PMode?

Others

3.11.2Message Replay and Duplicate DetectionMessage Replay and Duplicate Detection Profile requirements

If delivery awareness is required, what is the expected behavior if no Receipt message is received by the User message sender?

(a) Simply escalate receipt failure to the provider application. No message replay

(b) A User message sender that has not received an expected eb:Receipt MAY resend the User message. If doing so, the eb:MessageInfo/eb:MessageId element of the resend message and of the original User message MUST be same. However, the eb:MessageInfo/eb:Timestamp MUST be different. If no receipt is obtained, escalate failure to the provider application.

If delivery awareness is required, what is the expected capability of the Receiver?

(a) Nothing more than sending an eb:Receipt.

(b) In addition to (a), a User message receiver MAY detect and/or eliminate duplicates based on eb:MessageInfo/eb:MessageId.

347348

349

29

Others

350351

30

3.12Operational ProfileThis section defines the operational aspect of the profile: type of deployment that the above profile is supposed to be operated with, expected or required conditions of operations, usage context, etc.

3.12.1 Deployment and Processing requirements for CPAsCPA Access Profile requirements

Is a specific registry for storing CPAs required? If so, provide details.

Is there a set of predefined CPA templates that can be used to create given Parties’ CPAs?

Is there a particular format for file names of CPAs, in case that file name is different from CPAId value?

Others

3.12.2 Security ProfileSecurity Profile Profile requirements

Which security profile(s) are used, and under what circumstances (for which Business Processes)? [Refer to Appendix C of Message Service Specification. May be partially captured by BPSS isConfidential, isTamperproof, isAuthenticated definitions.]

Example - within EAN•UCC, it is recommended to adopt persistent security at the application level, including:• Persistent digital signature• Persistent signed receipt• Persistent confidentiality• Persistent authorization[This corresponds to Security Profile 21.]

(section 4.1.5) Are any recommendations given, with respect to protection or proper handling of MIME headers within an ebXML Message?

Are any specific third-party security packages approved or required?

What security and management policies and practices are recommended?

352

353354355356

357

358

359

360

31

Any particular procedure for doing HTTP authentication, e.g. if exchanging name and password, how?

Others

3.12.3 Receipt Profile <JD> (need to move that up in Section 2)Receipt Profile Profile requirements

If delivery awareness is required, what is the expected semantics of a Receipt message? (a) well-formed ebMS user message has been received and the MSH is taking responsibility for its processing, (b) in addition to (a), the message has been delivered to the application, (c): in addition to (b), the payload of the message is “application-valid” and qualified for application-level (or business process-level) processing.

If delivery awareness is required, what is the exact format of its content?

Others

3.12.4 Error Handling ProfileError Reporting Profile requirements

(Section 4.2.4.2) Should errors be reported to a URI that is different from that identified within the From element? What are the requirements for the error reporting URI and the policy for defining it?

<JD> AS4 may have some further requirements here.

What is the policy for error reporting? In case an error message cannot be delivered, what other means are used to notify the party, if any?

<JD> AS4 may have some further requirements here.

(Appendix B.4) What communication protocol-level error recovery is required, before deferring to Reliable Messaging recovery? [For example, how many retries should occur in the case of failures in DNS, TCP connection, server

<JD> AS4 may have some further requirements here.

361

362

363

364

32

errors, timeouts; and at what interval?]

Others

3.12.5 Message Payload and Flow ProfileMessage Quantitative Aspects Profile requirements

What are typical and maximum message payload sizes that must be handled? (maximum, average)

What are typical communication bandwidth and processing capabilities of an MSH for these Services?

Expected Volume of Message flow (throughput): maximum (peak), average?

(Section 2.1.4) How many Payload Containers must be present?

What is the structure and content of each container? [List MIME Content-Types and other process-specific requirements.] Are there restrictions on the MIME types allowed for attachments?

How is each container distinguished from the others? [By a fixed ordering of containers, a fixed Manifest ordering, or specific Content-ID values.]. Any expected relative order of attachments of various types?

Others

3.12.6 Additional Messaging Features beyond ebMS Specification

Additional Features Profile requirements

Are there additional features out of specification scope, that are part of this messaging profile, as an extension to the ebMS profiling?

365

366

367

368369

370

33

3.12.7 Additional Deployment or Operational RequirementsOperational or Deployment Conditions Profile requirements

Operational or deployment aspects that are object to further requirements or recommendations.

Recommended or required practices.

371

372

34

4 References4.1 Normative

[ebMS] OASIS, ebXML Message Service Specification Version 2.0, http://www.oasis-open.org/committees/ebxml-msg/documents/ebMS_v2_0.pdf, April 1, 2002.

[RFC2119] S. Bradner, Key words for use in RFCs to Indicate Requirement Levels, http://www.ietf.org/rfc/rfc2119.txt, IETF RFC 2119, March 1997.

4.2 Non-normative[ebCPPA] OASIS, Collaboration-Protocol Profile and Agreement Specification

Version 2.0, http://www.oasis-open.org/committees/ebxml-cppa/documents/ebCPP-2_0.pdf, September 23, 2002.

[ebDGT] OASIS, ebXML Deployment Guide Template Specification Version 1.0 (ebXML IIC) http://www.oasis-open.org/apps/org/workgroup/ebxml-iic/download.php/1713/ebMS_Deployment_Guide_Template_10.doc, April 7, 2003.

[BPSS] ebXML, ebXML Business Process Specification Schema Version 1.0.1, http://www.ebxml.org/specs/ebBPSS.pdf, May 11, 2001.

[ebMS3-CP] OASIS, ebXML Message Service Version 3.0 Conformance Profiles, http://www.oasis-open.org/committees/download.php/24829/ebms-3.0-confprof-cd-02.pdf, July 25, 2007

373

374375376377378379380

381382383384385386387388389390391392393394395396

35

Appendix A. AcknowledgmentsIn addition to editors or direct contributors, the following individuals were members of the committee during the development of this specification or of a previous version of it:

Mike Dillon, Drummond Group Inc. <mike@drummondgroup.com>Jacques Durand, Fujitsu <jdurand@fujitsu.com>Dale Moberg, Axway <dmoberg@axway.com>

397

398399400401402

36

Appendix B.403

37

Appendix C. Revision History

Rev Date By Whom What

0.1 26 June, 2002 P. Wenzel Initial draft.

0.2 16 September, 2002 P. Wenzel Reformatted document, published with notes by J. Durand.

0.3 3 October, 2002 P. Wenzel Rearranged into user-targeted sections, incorporated comments by J. Durand, M. Martin, E. van LydeGraf.

1.0 27 January, 2003 P. Wenzel Additional text, cleanup and CPA references by P. Wenzel; non-normative EAN•UCC examples by T.Bikeev; comments by J. Durand.

1.0 24 February, 2003 P. Wenzel Incorporated comments by J. Durand.

1.0 26 February, 2003 P. Wenzel Incorporated comments by M. MacKenzie.

1.0 28 March, 2003 P. Wenzel Applied OASIS document formatting guidelines.

1.1 8 June, 2005 J. Durand Recast the previous document in new Deployment Template format, plus some editorial corrections.

404

405

38

Appendix D. NoticesOASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS's procedures with respect to rights in OASIS specifications can be found at the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification, can be obtained from the OASIS Executive Director.OASIS invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to implement this specification. Please address the information to the OASIS Executive Director.Copyright © OASIS Open 2005. All Rights Reserved.This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself does not be modified in any way, such as by removing the copyright notice or references to OASIS, except as needed for the purpose of developing OASIS specifications, in which case the procedures for copyrights defined in the OASIS Intellectual Property Rights document must be followed, or as required to translate it into languages other than English.The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.This document and the information contained herein is provided on an “AS IS” basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

406

407408409410411412413414415416417418419420421422423424425426427428429430431432433434435

39