Reference document

Org
OASIS
Pubnum
WSS-SOAPMessage Security Ver 1.1
Date
2006-02-01
Version
1.1
Title
Web Services Security: SOAP Message Security 1.1

Applicability

WS-Security describes enhancements to SOAP messaging to provide quality of protection through message integrity, message confidentiality, and single message authentication. These mechanisms can be used to accommodate a wide variety of security models and encryption technologies. WS-Security also provides a general-purpose mechanism for associating security tokens with messages. No specific type of security token is required by WS-Security. It is designed to be extensible (e.g. support multiple security token formats). For example, a client might provide proof of identity and proof that they have a particular business certification.

Additionally, WS-Security describes how to encode binary security tokens. Specifically, the specification describes how to encode X.509 certificates and Kerberos tickets as well as how to include opaque encrypted keys. It also includes extensibility mechanisms that can be used to further describe the characteristics of the credentials that are included with a message.

Responsible Party

Name
NCIA/CES

Status

URI
http://docs.oasis-open.org/wss/v1.1

History

Flag Date RFC Version
added 2004-05-25 5-19 0.6
changed 2012-09-04 6-60 7
changed 2017-01-14 9-19 10
UUID
d8dab608-97ad-4fc7-b387-cbef9ac49fbe

Relationships

This standard is used by the following service profiles: