SOAP-DSIG is being proposed for this purpose.
SOAP-DSIG 就是针对这个目的提出的。
See Listing 1 for a typical SOAP-DSIG request message.
请参阅清单1来了解典型的SOAP -DSIG请求消息。
Similarly, the receipt can be signed by using SOAP-DSIG.
以类似的方法,收据可以用SOAP - DSIG来签名。
Table 1: Security requirements satisfied by SOAP-DSIG and SSL 1.
表1:用SOAP - DSIG和SSL 1满足的安全性要求。
Enter name for public crypto certificate, ws-dsig-receiver-public.
输入公共加密证书的名称WS - dsig - receiver - public。
Browse for the converted jceks dsig-receiver.jceks file as described above.
浏览上面所述的经过转换的jceks dsig - receiver . jceks文件。
That is, SOAP-DSIG is used to satisfy the message authentication requirement.
也就是说,SOAP - DSIG被用来满足消息身份验证的要求。
Enter name for private crypto key to be used for signing, ws-dsig-receiver-private.
输入用于进行签名的私有加密密钥的名称WS - dsig - receiver - private。
Table 1 summarizes which security requirements can be satisfied by SOAP-DSIG and SSL.
表1总结了哪些安全性要求能通过SOAP -DSIG和ssl来满足。
The original motivation for SOAP-DSIG was to append digital signatures to SOAP messages.
SOAP-DSIG 的最初动机是在SOAP 消息中附加数字签名。
SSL appends MACs to the transmitted messages and SOAP-DSIG can also be used to append MACs.
SSL将mac附加到被传输的消息中,SOAP -DSIG也能用来附加MAC。
Specifically, SOAP-DSIG defines a data format for appending an XML signature to a SOAP message.
特别地,SOAP - DSIG定义了向SOAP消息中附加XML签名的数据格式。
Now I'll examine the relationship between SOAP-DSIG and SSL from the perspective of non-repudiation.
现在,我将从不可抵赖性的角度分析一下SOAP - DSIG与ssl之间的关系。
It is important to note that you can use SOAP-DSIG and SSL simultaneously by exchanging the above HTTP messages over SSL.
请注意,这一点很重要,您可以通过在SSL上交换上述HTTP消息来同时使用SOAP -DSIG和SSL。
For this purpose, I recommend using a common private key and the corresponding public key certificate for SOAP-DSIG and SSL.
为实现这一目的,我建议在SOAP -DSIG和SSL中使用一个公共专用密钥和相应的公用密钥证书。
Therefore, using SOAP-DSIG and SSL (with client authentication) simultaneously is the first step towards realizing non-repudiation.
因此,同时使用SOAP-DSIG和SSL(带有客户机身份验证)是实现不可抵赖性的第一步。
Application designers and developers must be responsible for this protection because SOAP-DSIG does not define anything to cover such attacks.
应用的设计和开发人员必须负责提供这种保护,因为SOAP -DSIG未对这种攻击作出任何定义。
Therefore using SSL and SOAP-DSIG simultaneously is the most promising approach to securing the transmitted SOAP messages to insure non-repudiation.
因此,同时使用SSL和SOAP-DSIG是保护被传输的SOAP 消息的安全以实现不可抵赖性的最有前途的方法。
Therefore, it seems that using SOAP-DSIG and SSL simultaneously is sufficient for non-repudiation, so I will now present two attacks by malicious recipients (not by third parties).
所以看起来同时使用SOAP - DSIG和SSL对于实现不可抵赖性来说已经足够了,那么我现在就提供两个来自恶意接收方(而非第三方)的攻击。
One of the key advantages of DSig-based protocols is the ability to both assert identity and create a tamper-proof envelope of the content of the message which are often both required together.
基于DSig的协议有个很主要的优势——断定身份的同时还能创建消息内容的防篡改信封,这两个功能通常都要求同时出现。
One of the key advantages of DSig-based protocols is the ability to both assert identity and create a tamper-proof envelope of the content of the message which are often both required together.
基于DSig的协议有个很主要的优势——断定身份的同时还能创建消息内容的防篡改信封,这两个功能通常都要求同时出现。
应用推荐