axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Clark (JIRA)" <>
Subject [jira] Commented: (AXIS2C-263) Replay detection needed
Date Mon, 11 Sep 2006 12:54:24 GMT
    [ ] 
James Clark commented on AXIS2C-263:

For the purpose of designing replay detection, we should assume message integrity (from either
transport-level security or digital signatures). If an attacker can modify the message, then
they don't need to rely on replay, they can just send whatever message they want!

Have a configurable message lifetime (say 5 minutes by default).  

Reject any message without a message id (alternatively we could generate a message-id for
any message that lacks one, by using the message's sha-1 hash).

Reject any message without a timestamp (alternatively for a message without a timestamp, timestamp
it with the current time).

Reject any message with a timestamp older than the configured lifetime.

Keep the message id of all messages in a database until their timestamp makes them older than
the configured message lifetime.

Reject any message with a message id the same as any stored message.

The message store needs to be able to be on-disk and persistent.   Applications should be
able to plugin their storage technology of choice (eg sqlite, bdb, mysql).  We can supply
a default in-memory implementation, for now.

Does this make sense?

We should research how other technologies deal with replay detection (eg SSL, Kerberos 5).

> Replay detection needed
> -----------------------
>                 Key: AXIS2C-263
>                 URL:
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: rampart
>    Affects Versions: Current (Nightly)
>            Reporter: James Clark
>         Assigned To: Malinda Kaushalye Kapuruge
>            Priority: Critical
> You need to implement replay detection.  See section 13.2.1 of WS-Security 2004.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message