Test Assertions Reliable Secure Profile Version 1.0

2013-06-14

Copyright 2013 by OASIS and Certain of its Members. All Rights Reserved.

Test Assertions

Test Assertion

Test Assertion Analysis:	RSP8001
General Notes:	This TA does not match any specific Rxxxx requirement. It is however verifying a general RSP requirement, and is intended to be used as prerequisite to other TAs. It allows other TAs to make abstraction of SOAP version, i.e. to assume an Envelope is always either SOAP 1.1 or 1.2. That way, {almost all) other TAs can be written in a more generic way.
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:
Test Control:

Test Assertion:	RSP8001
Description:	This TA does not match any specific Rxxxx requirement. It is however verifying a general RSP requirement, and is intended to be used as prerequisite to other TAs. It allows other TAs to make abstraction of SOAP version, i.e. to assume an Envelope is always either SOAP 1.1 or 1.2. That way, {almost all) other TAs can be written in a more generic way.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/*:Envelope
Predicate:	(fn:namespace-uri-from-QName(fn:node-name(.)) = 'http://www.w3.org/2003/05/soap-envelope') or (fn:namespace-uri-from-QName(fn:node-name(.)) = 'http://schemas.xmlsoap.org/soap/envelope/')
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The message is neither a SOAP 1.1 message or a SOAP 1.2 message.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2200
General Notes:	.
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:
Test Control:

Test Assertion:	RSP2200
Description:	An MC-RECEIVER that generates a SOAP 1.1 fault MUST include the value of the [Detail] property, if such a value exists, as the first child of the /soap11:Fault/detail element.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[soap11:Body/soap11:Fault]
Predicate:	$target/soap11:Body/soap11:Fault/:detail or not($target/soap11:Body//:detail)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP 1.1 message containing a Fault element in its body, has a default element that is not immediate child of soap11:Body/soap11:Fault.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0001
General Notes:	NOTE1: the actual test target is the observable artifact under test. NOTE2: given partial coverage, probably better to test for the negative case: predicate=true means failure. Inthe error message (or warning message): mention what to look for NOTE3: need to finalize the expected fault-message correlation. NOTE4: test env alignment: use same unrecognizable extension.
Coverage Assessment:	partial (only some extension cases, and some messages types to be tested, and also can't sort out the real cause of the Fault)
Target Type:	ENVELOPE
Test Target:	for a soap:Envelope (not just wsrm:CreateSequence) with a special extension that is known to be NOT understood
Test co-Target(s):
Test Prerequisite:
Predicate:	there is a Fault in response to the message with extension.
Prescription:	mandatory
Reporting:	true=warning, false=undetermined
Test Control:	Align with unrecognizable extension expected in the TA. Generate a wsrm:CreateSequence message that makes use of the unrecognizable extension. Require response for anonymous URI.

Test Assertion:	RSP0001
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ some $elt in .// satisfies string(fn:namespace-uri($elt)) = 'http://dummy.example.org/unknown/nmspace' ]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Predicate:	not($myresponse//:Body/:Fault)
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	A SOAP Fault was generated in response to a message that contains elements with an unrecognized extension - here, a predefined namespace URI.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0002a
General Notes:
Coverage Assessment:	partial: only checks for the common case of presence of an rm:Sequence header, for sequence traffic messages.
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP0002a
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[/wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsrmp/200702/RMAssertion' and @mode = 'required']] [@type = 'request']/wsil:messageContents/:Envelope [:Body[not(.//:Fault) and not(.//wsrm: ) and not(.//:EncryptedData) ]] [:Header[not(wsrm:AckRequested) and not(wsrm:SequenceAcknowledgement) and not(.//xenc:ReferenceList)]] [ some $myenv in . satisfies some $message in //wsdl:definitions/wsdl:message satisfies ($message/wsdl:part[1]/@type) ]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding [.//[@style = 'rpc']]/wsdl:operation[@name = fn:local-name-from-QName(node-name($target/:Body/*[1]))]
Predicate:	$target/*:Header/wsrm:Sequence
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP Envelope with an WSDL rpc-lit binding, and for which the use of WS-ReliableMessaging was required, did not contain a wsrm:Sequence header.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0002b
General Notes:
Coverage Assessment:	partial: only checks for the common case of presence of an rm:Sequence header, for sequence traffic messages.
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP0002b
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[/wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsrmp/200702/RMAssertion' and @mode = 'required']] [@type = 'request']/wsil:messageContents/:Envelope [:Body[not(.//:Fault) and not(.//wsrm: ) and not(.//wsmc:) and not(.//:EncryptedData) ]] [:Header[not(wsrm:AckRequested) and not(wsrm:SequenceAcknowledgement) and not(.//xenc:ReferenceList)]] [some $myenv in . satisfies ( every $message in //wsdl:definitions/wsdl:message satisfies ( (not($message/wsdl:part[1]/@type) ) and ( $myenv/:Body/[1] or $myenv/:Header/wsa:Action )) ) ]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding/wsdl:operation [ some $opBinding in . satisfies (if ($target/:Body/[1] ) then (some $dmesg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:message[wsdl:part[fn:resolve-QName(xsd:string(@element), . ) = fn:node-name($target/:Body/[1])] ] satisfies some $dopmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:input [fn:local-name-from-QName(fn:resolve-QName(xsd:string(@message), . )) = $dmesg/@name] satisfies $opBinding/@name = $dopmsg/../@name ) else fn:true() ) and ( if ($target/:Header/wsa:Action) then ( some $opmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:input satisfies ( $target/:Header/wsa:Action = ( if ($opmsg/@wsam:Action) then $opmsg/@wsam:Action else fn:concat($opmsg/../../../@targetNamespace, if (not(fn:ends-with($opmsg/../../../@targetNamespace,'/'))) then '/' else '', $opmsg/../../@name, '/', if($opmsg/@name) then $opmsg/@name else fn:concat($opmsg/../@name, 'Request' ) ) ) ) and ( $opBinding/@name = $opmsg/../@name ) ) else fn:true() ) ]
Predicate:	$target/*:Header/wsrm:Sequence
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP Envelope with an WSDL doc-lit binding, and for which the use of WS-ReliableMessaging was required, did not contain a wsrm:Sequence header.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0003
General Notes:
Coverage Assessment:	partial:
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP0003
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[@type = 'response' and /wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsrmp/200702/RMAssertion' and (@mode = 'required' or @mode = 'supported')] ]/wsil:messageContents/:Envelope [:Header[not(.//xenc:ReferenceList)]][:Body/:Fault]
Predicate:	not($target[:Body/:Fault[ fn:ends-with(:Code/:Subcode/:Value, 'MustUnderstand') or .//:faultcode[fn:contains(string(node()), 'MustUnderstand')]] and :Header/:NotUnderstood[fn:namespace-uri-for-prefix(fn:substring-before(@qname, ':'), .) = 'http://docs.oasis-open.org/ws-rx/wsrm/200702'] ])
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP Fault from an INSTANCE is reporting a NotUnderstood fault about a wsrm element, while the use of RM was required (RMAssertion).
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1002a
General Notes:
Coverage Assessment:	partial:
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP1002a
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[/wsil:testLog/wsil:descriptionFiles//wsil:feature[@name = 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/SecureConversationToken' and @mode = 'required']] [@type = 'request']/wsil:messageContents/:Envelope [:Body[not(.//:Fault) and not(.//wsrm: ) and not(.//:EncryptedData) ]] [:Header[not(wsrm:AckRequested) and not(wsrm:SequenceAcknowledgement) and not(.//xenc:ReferenceList)]] [ some $myenv in . satisfies some $message in //wsdl:definitions/wsdl:message satisfies ($message/wsdl:part[1]/@type) ]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding [.//[@style = 'rpc']]/wsdl:operation[@name = fn:local-name-from-QName(node-name($target/:Body/*[1]))]
Predicate:	$target/*:Header//wssc:SecurityContextToken
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP Envelope with an WSDL rpc-lit binding, and for which the use of a SecurityContextToken was required, did not contain a wssc:SecurityContextToken header.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1002b
General Notes:
Coverage Assessment:	partial:
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP1002b
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[/wsil:testLog/wsil:descriptionFiles//wsil:feature[@name = 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/SecureConversationToken' and @mode = 'required']] [@type = 'request']/wsil:messageContents/:Envelope [:Body[not(.//:Fault) and not(.//wsrm: ) and not(.//:EncryptedData) ]] [:Header[not(wsrm:AckRequested) and not(wsrm:SequenceAcknowledgement) and not(.//xenc:ReferenceList)]] [some $myenv in . satisfies ( every $message in //wsdl:definitions/wsdl:message satisfies ( (not($message/wsdl:part[1]/@type) ) and ( $myenv/:Body/[1] or $myenv/*:Header/wsa:Action )) ) ]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding/wsdl:operation [ some $opBinding in . satisfies (if ($target/:Body/[1] ) then (some $dmesg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:message[wsdl:part[fn:resolve-QName(xsd:string(@element), . ) = fn:node-name($target/:Body/[1])] ] satisfies some $dopmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:input [fn:local-name-from-QName(fn:resolve-QName(xsd:string(@message), . )) = $dmesg/@name] satisfies $opBinding/@name = $dopmsg/../@name ) else fn:true() ) and ( if ($target/:Header/wsa:Action) then ( some $opmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:input satisfies ($target/:Header/wsa:Action = ( if ($opmsg/@wsam:Action) then $opmsg/@wsam:Action else fn:concat($opmsg/../../../@targetNamespace, if (not(fn:ends-with($opmsg/../../../@targetNamespace,'/'))) then '/' else '', $opmsg/../../@name, '/', if($opmsg/@name) then $opmsg/@name else fn:concat($opmsg/../@name, 'Request' ) ) ) ) and ( $opBinding/@name = $opmsg/../@name ) ) else fn:true() ) ]
Predicate:	$target/*:Header//wssc:SecurityContextToken
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP Envelope with an WSDL doc-lit binding, and for which the use of a SecurityContextToken was required, did not contain a wssc:SecurityContextToken header.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2011a
General Notes:
Coverage Assessment:	partial:
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP2011a
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[/wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MCSupported' and @mode = 'required']] [@type = 'request']/wsil:messageContents/:Envelope [:Body[not(.//:Fault) and not(.//:EncryptedData) ]] [*:Header[not(.//xenc:ReferenceList)]] [ some $myenv in . satisfies some $message in //wsdl:definitions/wsdl:message satisfies ($message/wsdl:part[1]/@type) ]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding [.//[@style = 'rpc']]/wsdl:operation[@name = fn:local-name-from-QName(node-name($target/:Body/*[1]))]
Predicate:	$target/*:Header[ (not(wsa:ReplyTo) or ( fn:contains(xsd:string(wsa:ReplyTo[1]/wsa:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=') or xsd:string(wsa:ReplyTo[1]/wsa:Address) = 'http://www.w3.org/2005/08/addressing/anonymous' or xsd:string(wsa:ReplyTo[1]/wsa:Address) = 'http://www.w3.org/2005/08/addressing/none' )) and (not(wsa:FaultTo) or ( fn:contains(xsd:string(wsa:FaultTo[1]/wsa:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=') or xsd:string(wsa:FaultTo[1]/wsa:Address) = 'http://www.w3.org/2005/08/addressing/anonymous' or xsd:string(wsa:FaultTo[1]/wsa:Address) = 'http://www.w3.org/2005/08/addressing/none' )) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP Envelope with an WSDL rpc-lit binding, and for which the use of MakeConnection was required, did not contain an appropriate wsa:ReplyTo or wsa:FaultTo value (either anonymous URI or a wsa "none" URI)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2011b
General Notes:
Coverage Assessment:	partial:
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP2011b
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[/wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MCSupported' and @mode = 'required']] [@type = 'request']/wsil:messageContents/:Envelope [:Body[not(.//:Fault) and not(.//wsrm: ) and not(.//wsmc:) and not(.//:EncryptedData) ]] [:Header[not(.//xenc:ReferenceList)]] [some $myenv in . satisfies ( every $message in //wsdl:definitions/wsdl:message satisfies ( (not($message/wsdl:part[1]/@type) ) and ( $myenv/:Body/[1] or $myenv/:Header/wsa:Action )) ) ]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding/wsdl:operation [ some $opBinding in . satisfies (if ($target/:Body/[1] ) then (some $dmesg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:message[wsdl:part[fn:resolve-QName(xsd:string(@element), . ) = fn:node-name($target/:Body/[1])] ] satisfies some $dopmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:input [fn:local-name-from-QName(fn:resolve-QName(xsd:string(@message), . )) = $dmesg/@name] satisfies $opBinding/@name = $dopmsg/../@name ) else fn:true() ) and ( if ($target/:Header/wsa:Action) then ( some $opmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:input satisfies ($target/:Header/wsa:Action = ( if ($opmsg/@wsam:Action) then $opmsg/@wsam:Action else fn:concat($opmsg/../../../@targetNamespace, if (not(fn:ends-with($opmsg/../../../@targetNamespace,'/'))) then '/' else '', $opmsg/../../@name, '/', if($opmsg/@name) then $opmsg/@name else fn:concat($opmsg/../@name, 'Request' ) ) ) ) and ( $opBinding/@name = $opmsg/../@name ) ) else fn:true() ) ]
Predicate:	$target/*:Header[ (not(wsa:ReplyTo) or ( fn:contains(xsd:string(wsa:ReplyTo[1]/wsa:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=') or xsd:string(wsa:ReplyTo[1]/wsa:Address) = 'http://www.w3.org/2005/08/addressing/anonymous' or xsd:string(wsa:ReplyTo[1]/wsa:Address) = 'http://www.w3.org/2005/08/addressing/none' )) and (not(wsa:FaultTo) or ( fn:contains(xsd:string(wsa:FaultTo[1]/wsa:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=') or xsd:string(wsa:FaultTo[1]/wsa:Address) = 'http://www.w3.org/2005/08/addressing/anonymous' or xsd:string(wsa:FaultTo[1]/wsa:Address) = 'http://www.w3.org/2005/08/addressing/none' )) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP Envelope with an WSDL doc-lit binding, and for which the use of MakeConnection was required, did not contain an appropriate wsa:ReplyTo or wsa:FaultTo value (either anonymous URI or a wsa "none" URI)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2012
General Notes:
Coverage Assessment:	partial:
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP2012
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[@type = 'response' and contains(xsd:string(wsil:httpHeaders/wsil:requestLine), '500') and /wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MCSupported' and (@mode = 'required' or @mode = 'supported')] and (some $resp1 in . satisfies /wsil:testLog/wsil:messageLog/wsil:message[@type = 'request' and @conversation = $resp1/@conversation]/wsil:messageContents/:Envelope[:Body/wsmc:MakeConnection] ) ]/wsil:messageContents/:Envelope [:Header[not(.//xenc:ReferenceList)]]
Predicate:	not(:Body/:Fault[ (fn:ends-with(:Code, 'Sender') and fn:ends-with(:Code/:Subcode/:Value, 'ActionNotSupported')) or .//*:faultcode[fn:contains(string(node()), 'ActionNotSupported')] ])
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP Envelope with an HTTP 500 error code in response to a MakeConnection, in a context where the use of MC is required (MCSupported), contains a Fault with 'ActionNotSupported' code value.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2013
General Notes:
Coverage Assessment:	partial:
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP2013
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[@type = 'response' and /wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MCSupported' and (@mode = 'required' or @mode = 'supported')] and (some $resp1 in . satisfies /wsil:testLog/wsil:messageLog/wsil:message[@type = 'request' and @conversation = $resp1/@conversation]/wsil:messageContents/:Envelope[fn:contains(xsd:string(:Header/wsa:ReplyTo[1]/wsa:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=') ] ) ]/wsil:messageContents/:Envelope [:Header[not(.//xenc:ReferenceList)]]
Predicate:	not(:Body/:Fault[ (fn:ends-with(:Code, 'Sender') and fn:ends-with(:Code/:Subcode/:Value, 'InvalidAddressingHeader')) or .//*:faultcode[fn:contains(string(node()), 'InvalidAddressingHeader')] ])
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	A SOAP Envelope in response to a request with ReplyTo address set to MakeConnection anonymous URI, in a context where the use of MC is required (MCSupported) contains a Fault with 'InvalidAddressingHeader' code value.
Diagnostic Data:

Test Assertion

Test Assertion:	RSP2014a
Description:	If an endpoint using a doc-lit binding requires the use of WS-MakeConnection, any MESSAGE transmitted from this endpoint MUST be transmitted over a connection that is associated with either an instance of the WS-MakeConnection Anonymous URI or the WS-Addressing anonymous URI (http://www.w3.org/2005/08/addressing/anonymous).
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body[not (:Fault) and not(.//:EncryptedData) and not(.//wsrm:) and not(.//wssc:)] and :Header[not(wsa:Action ) or ( not(fn:starts-with(wsa:Action,'http://docs.oasis-open.org/ws-sx/ws-trust')) and not(fn:starts-with(wsa:Action,'http://docs.oasis-open.org/ws-rx/wsrm')) ) ] and /wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MCSupported' and (@mode = 'required')] and :Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and (some $respenv in . satisfies some $req in /wsil:testLog/wsil:messageLog/wsil:message satisfies $req/wsil:messageContents/:Envelope/:Header/wsa:MessageID = $respenv/:Header/wsa:RelatesTo [@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and $req/wsil:messageContents/:Envelope/:Header[fn:contains(wsa:ReplyTo[1]/wsa:Address , 'http://www.w3.org/2005/08/addressing/anonymous') or not(wsa:ReplyTo)] ) ] [ some $myenv in . satisfies ( every $message in //wsdl:definitions/wsdl:message satisfies ( (not($message/wsdl:part[1]/@type) ) and ( $myenv/:Body/[1] or $myenv/:Header/wsa:Action )) ) ]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding/wsdl:operation [ some $opBinding in . satisfies (if ($target/:Body/[1] ) then (some $dmesg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:message[wsdl:part[fn:resolve-QName(xsd:string(@element), . ) = fn:node-name($target/:Body/[1])] ] satisfies some $dopmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:output [fn:local-name-from-QName(fn:resolve-QName(xsd:string(@message), . )) = $dmesg/@name] satisfies $opBinding/@name = $dopmsg/../@name ) else fn:true() ) and ( if ($target/:Header/wsa:Action) then ( some $opmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:output satisfies ($target/:Header/wsa:Action = ( if ($opmsg/@wsam:Action) then $opmsg/@wsam:Action else fn:concat($opmsg/../../../@targetNamespace, if (not(fn:ends-with($opmsg/../../../@targetNamespace,'/'))) then '/' else '', $opmsg/../../@name, '/', if($opmsg/@name) then $opmsg/@name else fn:concat($opmsg/../@name, 'Response' ) ) ) ) and ( $opBinding/@name = $opmsg/../@name ) ) else fn:true() ) ]
Predicate:	$target/../../@type = 'response'
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	In a context where the use of MC is required (MCSupported), a response message in a WSDL doc/lit request-response exchange was sent over an HTTP request.
Diagnostic Data:	Complete message.

Test Assertion

Test Assertion:	RSP2014b
Description:	If an endpoint using a rpc-lit binding requires the use of WS-MakeConnection, any MESSAGE transmitted from this endpoint MUST be transmitted over a connection that is associated with either an instance of the WS-MakeConnection Anonymous URI or the WS-Addressing anonymous URI (http://www.w3.org/2005/08/addressing/anonymous).
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body[not (:Fault) ] and /wsil:testLog/wsil:descriptionFiles/wsil:feature[@name = 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MCSupported' and (@mode = 'required')] and :Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and (some $respenv in . satisfies some $req in /wsil:testLog/wsil:messageLog/wsil:message satisfies $req/wsil:messageContents/:Envelope/:Header/wsa:MessageID = $respenv/:Header/wsa:RelatesTo [@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and $req/wsil:messageContents/:Envelope/*:Header[fn:contains(wsa:ReplyTo[1]/wsa:Address, 'http://www.w3.org/2005/08/addressing/anonymous') or not(wsa:ReplyTo)] ) ] [ some $myenv in . satisfies some $message in //wsdl:definitions/wsdl:message satisfies ($message/wsdl:part[1]/@type) ]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding[.//[@style = 'rpc']]/ wsdl:operation [fn:string-join((@name, 'Response' ),'' ) = fn:local-name-from-QName(node-name($target/:Body/*[1]))]
Predicate:	$target/../../@type = 'response'
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	In a context where the use of MC is required (MCSupported), a response message in a WSDL rpc/lit request-response exchange was sent over an HTTP request.
Diagnostic Data:	Complete message.

Test Assertion

Test Assertion Analysis:	RSP2005
General Notes:
Coverage Assessment:	good
Target Type:	ENVELOPE
Test Target:	for a soap:Envelope sent as a response (wsa:RelatesTo) to another Envelope sent over an HTTP response
Test co-Target(s):
Test Prerequisite:
Predicate:	The target Envelope is sent over an HTTP Request
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP2005
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ some $reqm in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope satisfies $reqm/:Header/wsa:MessageID = ./:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and $reqm/../../@type = 'response' ]
Predicate:	$target/../../@type = 'request'
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A soap:Envelope is sent as a response (wsa:RelatesTo) to another Envelope sent over an HTTP response. Such an envelope was not sent over an HTTP Request.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0010
General Notes:
Coverage Assessment:	partial
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:	No fault is sent back by the CS receiver.
Prescription:	mandatory
Reporting:	true=warning, false=undetermined
Test Control:	Warning: apparent failure. Verify if the Fault has not other causes.

Test Assertion:	RSP0010
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ :Body/wsrm:CreateSequence[not(wsrm:Offer)]]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Predicate:	not($myresponse//:Body/:Fault)
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Warning: A wsrm:CreateSequence message was faulted. Please verify to make sure it was not faulted because of the absence of an Offer element.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0011
General Notes:
Coverage Assessment:	partial
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:	No fault is sent back by the CS receiver.
Prescription:	mandatory
Reporting:	true=warning, false=undetermined
Test Control:	Warning: apparent failure. Verify if the Fault has not other causes.

Test Assertion:	RSP0011
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsrm:Offer]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[not (@RelationshipType) or ( @RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' ) ] = $target/:Header/wsa:MessageID) ]/wsil:messageContents/:Envelope
Predicate:	not($myresponse//:Body/:Fault)
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Warning: A wsrm:CreateSequence message was faulted. Please verify to make sure it was not faulted because of the presence of an Offer element.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0120
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE (with RM header)
Test Target:	For any envelope with RM header, for which there exists at least one preceeding envelope in the log with RM header featuring same wsrm:Identifier and wsrm:MessageNumber elements,
Test co-Target(s):
Test Prerequisite:
Predicate:	either the target envelope has no wsa:MessageID and every sibling envelope does not have one, or the target envelope has wsa:MessageID and every sibling envelope has the same.
Prescription:	mandatory
Reporting:	(default: true=pass, false=fail)
Test Control:	MIM config: Generate message resending - e.g. by blocking Acks, or blocking the regular messages.

Test Assertion:	RSP0120
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ :Header/wsrm:Sequence = preceding:::Envelope/:Header/wsrm:Sequence]
Predicate:	some $curenv in . satisfies every $prevenv in preceding:::Envelope[:Header/wsrm:Sequence = $curenv/:Header/wsrm:Sequence] satisfies ((not($prevenv/:Header/wsa:MessageID) and not($curenv/:Header/wsa:MessageID)) or $prevenv/:Header/wsa:MessageID = $curenv/*:Header/wsa:MessageID )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A message has been resent (by an RMS), yet it had an wsa:MessageId different from the previous sending, or the wsa:MessageId header was present in one but not in the other.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0210
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE (either CS or TS)
Test Target:	For a soap:Envelope with either a wsrm:CloseSequence or a wsrm:TerminateSequence element in the soap:Body
Test co-Target(s):
Test Prerequisite:
Predicate:	the Envelope also contains wsrm:LastMsgNumber: proposed XPath= se:Body/wsrm:*/wsrm:LastMsgNumber
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:	Generate either a wsrm:CloseSequence message, or a wsrm:TerminateSequence

Test Assertion:	RSP0210
Description:	The soap:envelope in the message also contains a wsrm:LastMsgNumber element if it has a wsrm:CloseSequence or a wsrm:TerminateSequence element.
Target:	//wsil:messageContents/:Envelope[ :Body/wsrm:CloseSequence or :Body/wsrm:TerminateSequence] [.//:Body//wsrm:Identifier = preceding:::Envelope/:Header/wsrm:Sequence/wsrm:Identifier]
Predicate:	:Body/wsrm:/wsrm:LastMsgNumber
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Warning: The soap:envelope in a wsrm:CloseSequence or a wsrm:TerminateSequence message for a non-empty RM sequence does not contain a wsrm:LastMsgNumber element. Please verify that the message was sent by the sequence destination (RMD) as the LastMsgNumber element must be present otherwise
Diagnostic Data:	{SOAP message}

Test Assertion

Test Assertion Analysis:	RSP0400a
General Notes:	NOTE1: needs artificial traffic generation to stimulate fault; if then easy, might need to use signature of corruption and correlation to fault or lack thereof.NOTE2: Test env. can cause a fault situation for one of the RM protocol mesg, and then we must observe a correlating Fault in the log. NOTE3: TA will only test some of the faulty cases (partial coverage)
Coverage Assessment:	partial, due to lack of exhaustive coverage of cases.
Target Type:	ENVELOPE (of RM protocol message)
Test Target:	For a faulty RM protocol message above (based on predefined test control protocol)
Test co-Target(s):
Test Prerequisite:
Predicate:	There is a related Fault message in response, in the log.
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:	Generate a faulty RM protocol message, or using MIM corrupt a correctly generated one.

Test Assertion:	RSP0400a
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ :Body/wsrm:CloseSequence or :Body/wsrm:TerminateSequence or :Header/wsrm:AckRequested] [some $id in .//wsrm:Identifier satisfies fn:contains($id, 'http://dummy.example.org/unknown/nmspace')]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Predicate:	$myresponse//:Body/:Fault
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Warning: A fault must have been generated due to unrecognized RM sequence ID in wsrm:CloseSequence, wsrm:TerminateSequence or *:Header/wsrm:AckRequested message, but the fault was not transmitted as response.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0400b
General Notes:	NOTE1: needs artificial traffic generation to stimulate fault; if then easy, might need to use signature of corruption and correlation to fault or lack thereof.NOTE2: Test env. can cause a fault situation for one of the RM protocol mesg, and then we must observe a correlating Fault in the log. NOTE3: TA will only test some of the faulty cases (partial coverage)
Coverage Assessment:	partial, due to lack of exhaustive coverage of cases.
Target Type:	ENVELOPE (of RM protocol message)
Test Target:	For a faulty RM protocol message above (based on predefined test control protocol)
Test co-Target(s):
Test Prerequisite:
Predicate:	There is a related Fault message in response, in the log.
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:	Generate a faulty RM protocol message, or using MIM corrupt a correctly generated one.

Test Assertion:	RSP0400b
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ :Body/wsrm:CloseSequence or :Body/wsrm:TerminateSequence or :Header/wsrm:AckRequested] [some $id in .//wsrm:Identifier satisfies fn:contains($id, 'http://dummy.example.org/unknown/nmspace')]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Predicate:	not($myresponse//:Body/wsrm:CreateSequenceResponse) and not($myresponse//:Body/wsrm:TerminateSequenceResponse) and not($myresponse//*:Header/wsrm:SequenceAcknowledgement)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A legitimate response - either a wsrm:CreateSequenceResponse or a wsrm:TerminateSequenceResponse or a wsrm:SequenceAcknowledgement - has been sent back to a lifecycle management message that contained an unrecognizable sequence ID.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0500
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:

Test Assertion:	RSP0500
Description:	Case non-encrypted CS/CSR. Ack is sent back over a message with non-empty Body, and with wsa:To header. Then the AcksTo address value for this sequence must be same as the wsa:To address.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [ :Header[wsrm:SequenceAcknowledgement and not(:Header/wsse:Security//xenc:ReferenceList) and wsa:To] and :Body[node() and not(:Fault) and not(wsrm:)]] [ some $tgt in . satisfies some $csr in /wsil:testLog/wsil:messageLog/wsil:message//:Envelope[:Body/wsrm:CreateSequenceResponse][$tgt/:Header/wsrm:SequenceAcknowledgement/wsrm:Identifier = :Body/wsrm:CreateSequenceResponse/wsrm:Identifier] satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence] satisfies ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID)]
co-Target: mycreateseq	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ (:Body/wsrm:CreateSequence and (: --- case CS/CSR not encrypted --- :) (some $cs in . satisfies (some $csr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequenceResponse] satisfies ($target/:Header/wsrm:SequenceAcknowledgement/wsrm:Identifier = $csr/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier and ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID))))) ]
Predicate:	$target/:Header/wsa:To = $mycreateseq/:Body/wsrm:CreateSequence/wsrm:AcksTo/wsa:Address
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A wsrm:SequenceAcknowledgement piggybacked on a message (with non-empty body) was sent to a destination (wsa:To) that has an address different from the wsrm:AcksTo value associated with this RM sequence.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0530a
General Notes:	The trick to testing this requirement is to define an response operation with an empty body and a non-empty wsa:Action header and create a situation in which this response is likely to carry a piggybacked acknowledgement. Case 1: a wsa:Action is defined in the WSDL for an empty response. Case 2: not so -- default in 3.3 apples.
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope which: a. Corresponds to the wsdl:output message of our test scenario (i.e. is the response to the wsdl:input message in the test scenario). b. Has one or more SequenceAcknowledgment headers.
Test co-Target(s):
Test Prerequisite:
Predicate:	The value of the wsa:Action header is as defined by wsam:Action attribute of the wsdl:output message in the test scenario
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:	(additional scenarios) Scenario: x.x.x Reliable_Request_Empty_Response Create a WSDL with a portType that defines a single request-response operation. The wsdl:output of this operation should have an empty message and a non-empty wsam:Action attribute. A client implementation of this WSDL reliably sends the request messages and either reliably or non-reliably receives the response messages. So two cases are looked at: considering an empty out message with SeqAck piggybacked: (1) if non-empty wsam:Action in WSDL for the out message, then a wsa:Action with same value should be in header, (2) if no wsam:Action in WSDL for the out message, then a wsa:Action with default 'SeqAck' value should be in.

Test Assertion:	RSP0530a
Description:	Case (a): Ack is sent back over a response message that RelatesTo a request message in a 2-way WSDL operation.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [ :Header[wsrm:SequenceAcknowledgement and not(//xenc:ReferenceList)] and :Body[ not(:Fault) and not(wsrm:)]/ and ( :Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope/*:Header/wsa:MessageID) ]
co-Target: myOpBind	//wsil:descriptionFile/wsdl:definitions/wsdl:binding/wsdl:operation [ some $opb in . satisfies some $req in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ :Header/wsa:ReplyTo or ./../../@type = 'request' ] satisfies ($target/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $req/:Header/wsa:MessageID) and ( $opb/@name = local-name-from-QName(node-name($req/:Body/[1])) or (some $pop in //wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation[@name = $opb/@name] satisfies some $dmsg in $pop/../../wsdl:message[fn:resolve-QName(xsd:string(wsdl:part[1]/@element), .) = fn:node-name($req/:Body/[1])] satisfies fn:ends-with($pop/wsdl:input/@message, $dmsg/@name) ) ) ][1]
Predicate:	fn:ends-with($target/:Header/wsa:Action, fn:concat($myOpBind[1]/@name, 'Response')) or (some $ptop in //wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation[@name = $myOpBind/@name] satisfies $target/:Header/wsa:Action = $ptop/*:output/@name)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A wsrm:SequenceAcknowledgement sent as response to a request message mapping to a WSDL two-way operation, does not conform to Section 3.3 of the WS-ReliableMessaging specification: it does not have the wsa:Action conforming to the output/@name attribute (if any) of the port definition or does not have the default value of operation name concatenated with 'Response'.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0530b
General Notes:	The trick to testing this requirement is to define an response operation with an empty body and a non-empty wsa:Action header and create a situation in which this response is likely to carry a piggybacked acknowledgement. Case 1: a wsa:Action is defined in the WSDL for an empty response. Case 2: not so -- default in 3.3 apples.
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope which: a. Corresponds to the wsdl:output message of our test scenario (i.e. is the response to the wsdl:input message in the test scenario). b. Has one or more SequenceAcknowledgment headers.
Test co-Target(s):
Test Prerequisite:
Predicate:	The value of the wsa:Action header is as defined by wsam:Action attribute of the wsdl:output message in the test scenario
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	(additional scenarios) Scenario: x.x.x Reliable_Request_Empty_Response Create a WSDL with a portType that defines a single request-response operation. The wsdl:output of this operation should have an empty message and a non-empty wsam:Action attribute. A client implementation of this WSDL reliably sends the request messages and either reliably or non-reliably receives the response messages. So two cases are looked at: considering an empty out message with SeqAck piggybacked: (1) if non-empty wsam:Action in WSDL for the out message, then a wsa:Action with same value should be in header, (2) if no wsam:Action in WSDL for the out message, then a wsa:Action with default 'SeqAck' value should be in.

Test Assertion:	RSP0530b
Description:	Case (b): Ack is piggybacked over a (non-empty) request message, i.e. no RelatesTo element.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [ :Header[wsrm:SequenceAcknowledgement and not(//xenc:ReferenceList)] and :Body[element() and not(wsmc:MakeConnection) and not(:Fault) and not(wsrm:)] and not(:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)]) ]
co-Target: myOpBind	//wsil:descriptionFile/wsdl:definitions/wsdl:binding/wsdl:operation [ some $opb in . satisfies ( $opb/@name = local-name-from-QName(node-name($target/:Body/[1])) or (some $pop in //wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation[@name = $opb/@name] satisfies some $dmsg in $pop/../../wsdl:message[fn:resolve-QName(xsd:string(wsdl:part[1]/@element), .) = fn:node-name($target/:Body/[1])] satisfies fn:ends-with($pop/wsdl:input/@message, $dmsg/@name)) ) ][1]
Predicate:	fn:ends-with($target/:Header/wsa:Action, $myOpBind[1]/@name) or (some $ptop in //wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation[@name = $myOpBind/@name] satisfies $target/:Header/wsa:Action = $ptop/*:input/@name)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A wsrm:SequenceAcknowledgement piggybacked over a request message does not conform to Section 3.3 of the WS-ReliableMessaging specification: it does not have the wsa:Action conforming to the inpput/@name attribute (if any) of the port definition or does not have the default value of operation name.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0530c
General Notes:	The trick to testing this requirement is to define an response operation with an empty body and a non-empty wsa:Action header and create a situation in which this response is likely to carry a piggybacked acknowledgement. Case 1: a wsa:Action is defined in the WSDL for an empty response. Case 2: not so -- default in 3.3 apples.
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope which: a. Corresponds to the wsdl:output message of our test scenario (i.e. is the response to the wsdl:input message in the test scenario). b. Has one or more SequenceAcknowledgment headers.
Test co-Target(s):
Test Prerequisite:
Predicate:	The value of the wsa:Action header is as defined by wsam:Action attribute of the wsdl:output message in the test scenario
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	(additional scenarios) Scenario: x.x.x Reliable_Request_Empty_Response Create a WSDL with a portType that defines a single request-response operation. The wsdl:output of this operation should have an empty message and a non-empty wsam:Action attribute. A client implementation of this WSDL reliably sends the request messages and either reliably or non-reliably receives the response messages. So two cases are looked at: considering an empty out message with SeqAck piggybacked: (1) if non-empty wsam:Action in WSDL for the out message, then a wsa:Action with same value should be in header, (2) if no wsam:Action in WSDL for the out message, then a wsa:Action with default 'SeqAck' value should be in.

Test Assertion:	RSP0530c
Description:	Case (c): Ack is over an empty request message that is not a Response, i.e. "not piggybacked": no RelatesTo element.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [ :Header/wsrm:SequenceAcknowledgement and not(:Body/ ) and not(*:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)]) ]
Predicate:	$target/:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/SequenceAcknowledgement' or ($target/:Header/wsrm:AckRequested and $target/*:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/AckRequested' )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A wsrm:SequenceAcknowledgement sent over a message with an empty s:Body and that is not a response message, does not have its wsa:Action URI value set to the predefined: "http://docs.oasis-open.org/ws-rx/wsrm/200702/SequenceAcknowledgement"
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0530d
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope with: a. MakeConnection: b. Has one or more SequenceAcknowledgment headers.
Test co-Target(s):
Test Prerequisite:
Predicate:	The value of the wsa:Action header is the MC URI.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP0530d
Description:	Case (b): Ack is piggybacked over a (non-empty) request message, i.e. no RelatesTo element.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [ :Header/wsrm:SequenceAcknowledgement and *:Body/wsmc:MakeConnection ]
Predicate:	$target/*:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection'
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A wsrm:SequenceAcknowledgement piggybacked over an MakeConnection message does not have the wsa:Action set to http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0600
General Notes:	NOTE1: only a recommendation. TA will be useful to assess the behavior of implementations, if not to assess conformance. NOTE2: no requirement the response sequence is resulting from an offer?
Coverage Assessment:	Good
Target Type:	ENVELOPE (with RM header)
Test Target:	For an Envelope E1b that is sent reliably in response to another Envelope E1a sent reliably, if there exists an Envelope E2b that is sent reliably in response to another Envelope E2a sent reliably in the same sequence as E1a.
Test co-Target(s):
Test Prerequisite:
Predicate:	every Envelope E2b matching the context has same wsrm:Identifier as E1b.
Prescription:	preferred
Reporting:	(default)
Test Control:

Test Assertion:	RSP0600
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [.//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and .//:Header/wsrm:Sequence] [some $resp1 in . satisfies some $req1 in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[(.//:Header/wsa:MessageID = $resp1//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)]) and .//:Header/wsrm:Sequence] satisfies $req1/preceding::wsil:message/wsil:messageContents/:Envelope[ (.//:Header/wsrm:Sequence/wsrm:Identifier = $req1//:Header/wsrm:Sequence/wsrm:Identifier) and (.//:Header/wsa:ReplyTo/wsa:Address = $req1//:Header/wsa:ReplyTo//wsa:Address or (not(.//:Header/wsa:ReplyTo) and not($req1//:Header/wsa:ReplyTo)) )] ]
co-Target: siblingresp	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [.//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and .//:Header/wsrm:Sequence] [ some $resp2 in . satisfies some $req2 in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[(.//:Header/wsa:MessageID = $resp2//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] )] satisfies some $req1 in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[.//:Header/wsrm:Sequence/wsrm:Identifier = $req2//:Header/wsrm:Sequence/wsrm:Identifier] satisfies ($req1//:Header/wsa:MessageID = $target//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)]) ] [fn:last()]
Predicate:	$siblingresp//:Header/wsrm:Sequence/wsrm:Identifier = $target//:Header/wsrm:Sequence/wsrm:Identifier
Reporting:	true=passed, false=failed
Prescription:	preferred
Error Message:	Two Message envelopes E1resp and E2resp were sent reliably (RM) as responses to two other envelopes E1req and E2req that both belong to the same RM sequence. Yet, E1resp and E2resp do not belong to the same RM sequence.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0610
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP0610
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message [@type = 'request' and .//:Header/wsrm:Sequence] [some $req1 in . satisfies $req1/preceding::wsil:message[@type = 'request' and (.//:Header/wsrm:Sequence/wsrm:Identifier = $req1//:Header/wsrm:Sequence/wsrm:Identifier) and ( ( not(.//:Header/wsa:ReplyTo) and $req1//:Header/wsa:ReplyTo and not(fn:contains(xsd:string($req1//:Header/wsa:ReplyTo[1]/wsa:Address), 'anonymous'))) or ( not($req1//:Header/wsa:ReplyTo) and .//:Header/wsa:ReplyTo and not(fn:contains(xsd:string(.//:Header/wsa:ReplyTo[1]/wsa:Address), 'anonymous'))) or ( $req1//:Header/wsa:ReplyTo and .//:Header/wsa:ReplyTo and ( not(.//:Header/wsa:ReplyTo/wsa:Address = $req1//:Header/wsa:ReplyTo/wsa:Address) or not(.//:Header/wsa:ReplyTo/wsa:ReferenceParameters = $req1//*:Header/wsa:ReplyTo/wsa:ReferenceParameters) )) ) ] ]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target//:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Predicate:	not($myresponse//:Body/:Fault)
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Warning: A request message sent reliably (RM) with a ReplyTo value different from a ReplyTo in preceding request message sent reliably (RM) over the same sequence, was faulted. Please verify this is not because there were two different ReplyTo values for the same sequence, as this is allowed.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2004a
General Notes:	When the wsa:ReplyTo addressing property of a request message (SOAP envelope included in the HTTP entity body of the HTTP request) described by the input message of a WSDL request-response operation is set to a MakeConnection anonymous URI, the corresponding response MESSAGE (SOAP envelope included in the HTTP entity body of the HTTP response) described by the WSDL output message of the same WSDL request-response operation MUST be sent as an HTTP response to either the HTTP request that carried the WSDL input message, or to the HTTP request that carried a wsmc:MakeConnection message with the correct MakeConnection anonymous URI.
Coverage Assessment:	Good
Target Type:	MESSAGE
Test Target:	response message to a MakeConnection that has an MC anon ReplyTo
Test co-Target(s):	related request-response WSDL op
Test Prerequisite:
Predicate:	response message is sent on same HTTP connection (response), or is sent on another HTTP response of a MakeConnection request with same MC URI in wsmc:Address.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP2004a
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message [.//:Envelope[:Header/wsa:RelatesTo and not(:Header/wsse:Security//xenc:ReferenceList) and not(:Body/:Fault) and not(:Body/wsrm:)]] [ some $resp1 in . satisfies some $req1 in /wsil:testLog/wsil:messageLog/wsil:message[.//:Header/wsa:MessageID = $resp1//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)]] satisfies ( $req1/wsil:messageContents/:Envelope[not(:Body/wsmc:MakeConnection) and fn:contains(xsd:string(./:Header/wsa:ReplyTo[1]/wsa:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=') ] and /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding[.//[@style = 'rpc']]/wsdl:operation[wsdl:input and wsdl:output][@name = fn:local-name-from-QName(node-name($req1//:Body/[1]))]) ]
co-Target: myRequestMsg	/wsil:testLog/wsil:messageLog/wsil:message [.//:Header/wsa:MessageID = $target//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and not (./wsil:messageContents/:Envelope/*:Body/wsmc:MakeConnection )]
co-Target: myOpBinding	//wsil:descriptionFile/wsdl:definitions/wsdl:binding [.//[@style = 'rpc']]/wsdl:operation[wsdl:input and wsdl:output][@name = fn:local-name-from-QName(node-name($myRequestMsg//:Body/*[1]))][1]
Predicate:	$target/@type = 'response' and ($myRequestMsg/@conversation = $target/@conversation or (some $req2 in /wsil:testLog/wsil:messageLog/wsil:message[@type = 'request' and @conversation = $target/@conversation] satisfies ( $req2/wsil:messageContents/:Envelope/:Body/wsmc:MakeConnection/wsmc:Address = $myRequestMsg/wsil:messageContents/:Envelope/:Header/wsa:ReplyTo/wsa:Address ) ))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A response message that binds to an rpc-literal WSDL request-response binding, and relates to a request message sent over HTTP request, is not sent over same HTTP connection (response), and is not sent on an HTTP response to a MakeConnection request with same MC URI in wsmc:Address.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2004b
General Notes:	When the wsa:ReplyTo addressing property of a request message (SOAP envelope included in the HTTP entity body of the HTTP request) described by the input message of a WSDL request-response operation is set to a MakeConnection anonymous URI, the corresponding response MESSAGE (SOAP envelope included in the HTTP entity body of the HTTP response) described by the WSDL output message of the same WSDL request-response operation MUST be sent as an HTTP response to either the HTTP request that carried the WSDL input message, or to the HTTP request that carried a wsmc:MakeConnection message with the correct MakeConnection anonymous URI.
Coverage Assessment:	Good
Target Type:	MESSAGE
Test Target:	response message to a MakeConnection that has an MC anon ReplyTo
Test co-Target(s):	related request-response WSDL op
Test Prerequisite:
Predicate:	response message is sent on same HTTP connection (response), or is sent on another HTTP response of a MakeConnection request with same MC URI in wsmc:Address.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP2004b
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message [.//:Envelope[:Header/wsa:RelatesTo and not(:Header/wsse:Security//xenc:ReferenceList) and not(:Body/:Fault) and not(:Body/wsrm:)]] [ some $resp1 in . satisfies some $req1 in /wsil:testLog/wsil:messageLog/wsil:message[.//:Header/wsa:MessageID = $resp1//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)]] satisfies ( $req1/wsil:messageContents/:Envelope[not(:Body/wsmc:MakeConnection) and fn:contains(xsd:string(./:Header/wsa:ReplyTo[1]/wsa:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=') ] and /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:message[fn:resolve-QName(xsd:string(wsdl:part[1]/@element), . ) = fn:node-name($req1//:Envelope/:Body/[1])]) ]
co-Target: myRequestMsg	/wsil:testLog/wsil:messageLog/wsil:message [.//:Header/wsa:MessageID = $target//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] and not (./wsil:messageContents/:Envelope/*:Body/wsmc:MakeConnection )]
co-Target: myOpBinding	/wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:binding [not(.//[@style = 'rpc'])]/wsdl:operation [wsdl:input and wsdl:output] [ some $opBinding in . satisfies some $dmesg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:message[wsdl:part[fn:resolve-QName(xsd:string(@element), . ) = fn:node-name($myRequestMsg//:Envelope/:Body/[1])] ] satisfies some $dopmsg in /wsil:testLog/wsil:descriptionFiles/wsil:descriptionFile/wsdl:definitions/wsdl:portType/wsdl:operation/wsdl:input [fn:local-name-from-QName(fn:resolve-QName(xsd:string(@message), . )) = $dmesg/@name] satisfies $opBinding/@name = $dopmsg/../@name ][1]
Predicate:	$target/@type = 'response' and ($myRequestMsg/@conversation = $target/@conversation or (some $req2 in /wsil:testLog/wsil:messageLog/wsil:message[@type = 'request' and @conversation = $target/@conversation] satisfies ( $req2/wsil:messageContents/:Envelope/:Body/wsmc:MakeConnection/wsmc:Address = $myRequestMsg/wsil:messageContents/:Envelope/:Header/wsa:ReplyTo/wsa:Address ) ))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A response message that binds to an doc-literal WSDL request-response binding, and relates to a request message sent over HTTP request, is not sent over same HTTP connection (response), and is not sent on an HTTP response to a MakeConnection request with same MC URI in wsmc:Address.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2030
General Notes:	.
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope with s:Body/MC and wsa:Action header
Test co-Target(s):
Test Prerequisite:
Predicate:	wsa:Action value is http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP2030
Description:
Target:	//wsil:messageContents/:Envelope [:Body/wsmc:MakeConnection and *:Header/wsa:Action]
Predicate:	fn:contains(*:Header/wsa:Action, 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection')
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	An Envelope with soap:Body/wsmc:MakeConnection and wsa:Action header, does not have http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection in wsa:Action.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2031
General Notes:	If a MESSAGE contains a SOAP 1.1 envelope with the wsmc:MakeConnection element as the child of the Body, the HTTP SOAPAction header, if present and not equal to the value of "" (empty string), MUST contain the value "http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection.
Coverage Assessment:	Good
Target Type:	MESSAGE
Test Target:	For a Message with sopa11:Body/MC and HTTP SOAPAction header
Test co-Target(s):
Test Prerequisite:
Predicate:	either SOAPAction value isempty string, or "http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection"
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP2031
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message [wsil:messageContents/soap11:Envelope/soap11:Body/wsmc:MakeConnection and (some $ky in wsil:httpHeaders/wsil:httpHeader/@key satisfies fn:lower-case($ky) = 'soapaction' )]
Predicate:	(wsil:httpHeaders/wsil:httpHeader[fn:lower-case(@key) = 'soapaction']/@value = 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection' or wsil:httpHeaders/wsil:httpHeader[fn:lower-case(@key) = 'soapaction']/@value = '' ) and (wsil:httpHeaders/wsil:httpHeader[fn:lower-case(@key) = 'soapaction']/@quoted = 'true' or not (wsil:httpHeaders/wsil:httpHeader[fn:lower-case(@key) = 'soapaction']/@quoted ))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A message containing wsmc:MakeConnection has a non-empty SOAPAction header value different from 'http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection' or this HTTP header is not quoted.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2032
General Notes:	If a MESSAGE contains a SOAP 1.2 envelope with the wsmc:MakeConnection element as the child of the Body, the action parameter of the HTTP Content-Type header, if present, MUST contain the value "http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection"
Coverage Assessment:	Good
Target Type:	MESSAGE
Test Target:	For an Message with sopa12:Body/MC and action parameter of the HTTP Content-Type header
Test co-Target(s):
Test Prerequisite:
Predicate:	action parameter = "http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection"
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP2032
Description:
Target:	//wsil:message [wsil:messageContents/soap12:Envelope/soap12:Body/wsmc:MakeConnection and (wsil:httpHeaders/wsil:contentTypeHeader/wsil:parameter/@key = 'action' )]
Predicate:	wsil:httpHeaders/wsil:contentTypeHeader/wsil:parameter[@key = 'action']/@value = "http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection"
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	In a SOAP 1.2 MESSAGE with the wsmc:MakeConnection element, the `action` parameter of the HTTP `Content-Type` header does not contain the value "http://docs.oasis-open.org/ws-rx/wsmc/200702/MakeConnection".
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2050
General Notes:	.
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope in which any of the following appear: a. wsmc:UnsupportedSelection b. wsmc:MissingSelection
Test co-Target(s):
Test Prerequisite:
Predicate:	The [target] has a wsa:RelatesTo that points to an MC with wsa:MessageId, AND the wsa:To matches the wsa:FaultTo (or wsa:ReplyTo if no faultTo).
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP2050
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/:Fault//:Value[ (: fn:namespace-uri-for-prefix(fn:substring-before(string(node()),':' ) , . ) = 'http://docs.oasis-open.org/ws-rx/wsmc/200702' and :) (fn:contains(string(node()), 'MissingSelection') or fn:contains(string(node()), 'UnsupportedSelection'))] or :Body/:Fault//*:faultcode[ (: fn:namespace-uri-for-prefix(fn:substring-before(string(node()),':' ) , . ) = 'http://docs.oasis-open.org/ws-rx/wsmc/200702' and :) (fn:contains(string(node()), 'MissingSelection') or fn:contains(string(node()), 'UnsupportedSelection'))] ]
Predicate:	some $mc in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsmc:MakeConnection] satisfies ($mc/:Header/wsa:MessageID = $target/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] (: and ( not($target/:Header/wsa:To) or ($target/:Header/wsa:To = $mc/:Header/wsa:FaultTo/wsa:Address or (not($mc/:Header/wsa:FaultTo) and ($target/:Header/wsa:To = $mc/:Header/wsa:ReplyTo/wsa:Address or (not($mc/:Header/wsa:ReplyTo) and fn:contains($target/:Header/wsa:To, 'http://www.w3.org/2005/08/addressing/anonymous') ) )))) :) ) or (not($mc/:Header/wsa:MessageID) and $mc/../../@conversation = $target/../../@conversation and (not($target/:Header/wsa:To) or fn:contains($target/*:Header/wsa:To, 'http://www.w3.org/2005/08/addressing/anonymous')) )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A wsmc:UnsupportedSelection or wsmc:MissingSelection Fault either does not relate to a MakeConnection message or has a wsa:To content that does not match the wsa:FaultTo or wsa:ReplyTo in the MC message if no FaultTo.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2100
General Notes:	There's an option in the MC spec that allows for the retrieval of messages based on things other than the target URI – however, RSP limits this by requiring that a search MUST, at least, be based on the target URI (ie. the wsa:To URI).
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope with s:Body/MC
Test co-Target(s):
Test Prerequisite:
Predicate:	there exists MC/wsmc:Address child element
Prescription:	mandatory
Reporting:	(default)
Test Control:	provide context and cause MC sending such as do a req/resp and the response is lost. Flag=much more difficult study required to force use of MC. Run some request/response tests and set the wsa:ReplyTo of the request messages (from a non-addressable endpoint) to an instance of the MC Anonymous URI Template

Test Assertion:	RSP2100
Description:
Target:	//wsil:messageContents/:Envelope[:Body/wsmc:MakeConnection]
Predicate:	*:Body/wsmc:MakeConnection/wsmc:Address
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The MakeConenction element does not contain a wsmc:Address child element.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2102
General Notes:	Counterpart of RSP2100 (in case of violation)
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope with s:Body/MC and no wsmc:Address
Test co-Target(s):
Test Prerequisite:
Predicate:	there exists a Fault generated in response
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP2102
Description:
Target:	//wsil:messageContents/:Envelope[:Body/wsmc:MakeConnection and not(*:Body/wsmc:MakeConnection/wsmc:Address)]
Predicate:	some $mcfault in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/:Fault//:Value[ (: fn:namespace-uri-for-prefix(fn:substring-before(string(node()),':' ) , . ) = 'http://docs.oasis-open.org/ws-rx/wsmc/200702' and :) fn:contains(string(node()), 'MissingSelection')] or :Body/:Fault//:faultcode[ (: fn:namespace-uri-for-prefix(fn:substring-before(string(node()),':' ) , . ) = 'http://docs.oasis-open.org/ws-rx/wsmc/200702' and :) fn:contains(string(node()), 'MissingSelection')] ] satisfies ($target/:Header/wsa:MessageID = $mcfault/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] or (not($target/:Header/wsa:MessageID) and $mcfault/../../@conversation = $target/../../@conversation))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A MakeConnection message without wsmc:Address did not cause the generation of a wsmc:MissingSelection Fault associated with this MC message.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2101
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope with s:Body/MC
Test co-Target(s):
Test Prerequisite:
Predicate:	there is no MC/wsrm:Identifier
Prescription:	mandatory
Reporting:	(default)
Test Control:	provide context and cause MC sending such as do a req/resp and the response is lost. Flag=much more difficult study required to force use of MC. Run some request/response tests and set the wsa:ReplyTo of the request messages (from a non-addressable endpoint) to an instance of the MC Anonymous URI Template

Test Assertion:	RSP2101
Description:
Target:	//wsil:messageContents/:Envelope[:Body/wsmc:MakeConnection]
Predicate:	not (*:Body/wsmc:MakeConnection/wsrm:Identifier)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2103
General Notes:	Counterpart of RSP2101 (in case of violation)
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope with s:Body/MC and with wsrm:Identifier
Test co-Target(s):
Test Prerequisite:
Predicate:	there exists a Fault generated in response
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP2103
Description:
Target:	//wsil:messageContents/:Envelope[:Body/wsmc:MakeConnection//wsrm:Identifier]
Predicate:	some $mcfault in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/:Fault//:Value[ (: fn:namespace-uri-for-prefix(fn:substring-before(string(node()),':' ) , . ) = 'http://docs.oasis-open.org/ws-rx/wsmc/200702' and :) fn:contains(string(node()), 'UnsupportedSelection')] or :Body/:Fault//:faultcode[ (: fn:namespace-uri-for-prefix(fn:substring-before(string(node()),':' ) , . ) = 'http://docs.oasis-open.org/ws-rx/wsmc/200702' and :) fn:contains(string(node()), 'UnsupportedSelection')] ] satisfies ($target/:Header/wsa:MessageID = $mcfault/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] or (not($target/:Header/wsa:MessageID) and $mcfault/../../@conversation = $target/../../@conversation))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A MakeConnection message with an wsrm:Identifier did not cause the generation of a wsmc:UnsupportedSelection Fault associated with this MC message.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2110
General Notes:	While the MakeConnection specification allows for any URI to be used in the mc:Address element, for the purposes of increasing interoperability the RSP narrows its usage down to just the cases of the MCAnonymous URI
Coverage Assessment:	Good (should be able to cover all cases)
Target Type:	ENVELOPE
Test Target:	Any message that contains a MakeConnection element in the Body
Test co-Target(s):
Test Prerequisite:
Predicate:	The [target] contains an mc:MakeConnection/mc:Address child element whose value is an instance of the MC Anonymous URI template (ie. starts with 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=' ).
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	Run some request/response tests and set the wsa:ReplyTo of the request messages (from a non-addressable endpoint) to an instance of the MC Anonymous URI Template.

Test Assertion:	RSP2110
Description:
Target:	//wsil:messageContents/:Envelope[:Body/wsmc:MakeConnection/wsmc:Address]
Predicate:	fn:contains(xsd:string(*:Body/wsmc:MakeConnection/wsmc:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=')
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The Envelope contains an wsmc:MakeConnection/wsmc:Address child element whose value is not an instance of the MC Anonymous URI template (ie. does not start with 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=' )
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2113
General Notes:	To ensure all of the RM features can be used, even when a non-addressable endpoint is used, the RSP requires implementations to use an instance of the MC Anonymous URI in the CS/Offer/Endpoint EPR.
Coverage Assessment:	Good (should be able to cover all cases)
Target Type:	ENVELOPE
Test Target:	A CreateSequence message that contains an Offer element.
Test co-Target(s):
Test Prerequisite:
Predicate:	The [target] does not have a CreateSequence/Offer/wsa:Address element with a value of wsa:Anonymous or wsa:None.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	Run some reliable request/response tests where the client is non-addressable and make sure the CreateSequence contains an Offer.

Test Assertion:	RSP2113
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/wsrm:CreateSequence/wsrm:Offer and (fn:contains(xsd:string(:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Endpoint/:Address), 'anonymous') or fn:contains(xsd:string(:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Endpoint/:Address), 'none'))]
Predicate:	fn:contains(xsd:string(:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Endpoint/:Address), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=')
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The CreateSequence message is Offering a sequence and provides an Endpoint address that does not indicate an addressable endpoint, yet that is not an MC Anonymous URI.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0020
General Notes:	The most obvious case is of an endpoint automatically closing an offered sequence (for which it acts as an RMS) after the offering sequence was closed by the other endpoint. (RMS of the offering). Difference ni test envts: (a) controlled env: can be sure the other endpoint did NOT decide to close the offered sequence. (b) uncontrolled envt: cannot be sure of this...: warning only.
Coverage Assessment:	fair
Target Type:
Test Target:	A SOAP Envelope that contains a CloseSequence or TerminateSequence, related to a sequence that was created by the same sender using a CreateSequence containing an Offer.
Test co-Target(s):
Test Prerequisite:
Predicate:	There is no CloseSequence or TerminateSequence for the offered sequence , that is generated by the destination endpoint (of the offering sequence), in response to its termination via the [target message].
Prescription:	mandatory
Reporting:	true=passed, false=warning
Test Control:	Initiate a Secure Sequence (wsrm:CreateSequence element with an Offer). The RMD sends back CSR with an Accept. Then RMS is sending messages over this sequence, and termiantes the sequence. The RMD is NOT instructed to terminate the Offered sequence.

Test Assertion:	RSP0020
Description:
Target:
Predicate:
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0101
General Notes:	NOTE1:The TA should only apply when there is evidence of message resending. NOTE2: "continuation of resending" is hard to evaluate.
Coverage Assessment:	Partial
Target Type:	ENVELOPE(CS or CSR)
Test Target:	For either a CloseSequence message or a CloseSequenceResponse message sent by RMS, and if there is evidence of resending for a message sent before this CloseSequence[Response], over this sequence.
Test co-Target(s):
Test Prerequisite:
Predicate:	The same message is NOT resent after the CloseSequence[Response] was sent.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	The RM resending parameters are set in a way that a message capture log can reflect the actual resending over time. Sequence must be closed by RMD or RMD, before the resending schedule expires.

Test Assertion:	RSP0101
Description:
Target:	//wsil:messageContents/:Envelope [:Body/wsrm:CloseSequence or :Body/wsrm:TerminateSequence] [some $seqid in :Body//wsrm:Identifier satisfies some $env1 in ./preceding:::Envelope[:Header/wsrm:Sequence/wsrm:Identifier = $seqid] satisfies $env1/preceding:::Envelope[:Header/wsrm:Sequence/wsrm:Identifier = $seqid and :Header/wsrm:Sequence/wsrm:MessageNumber = $env1/:Header/wsrm:Sequence/wsrm:MessageNumber ] ]
Predicate:	not ( some $seqid in ./:Body//wsrm:Identifier satisfies (some $env1 in ./preceding:::Envelope[:Header/wsrm:Sequence/wsrm:Identifier = $seqid ] satisfies (./following:::Envelope[:Header/wsrm:Sequence/wsrm:Identifier = $seqid and :Header/wsrm:Sequence/wsrm:MessageNumber = $env1/*:Header/wsrm:Sequence/wsrm:MessageNumber ])) )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A CloseSequence message or a TerminateSequence message was sent by RMS for a sequence that contains messages that have been resent. But the resending has not stopped after these terminating messages have been logged.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0102
General Notes:	NOTE1: a message should be intercepted, causing a gap in the Ack ranges. Regardless of how long the delay before resending , the message must finally be acknowledged if sequence not closed.
Coverage Assessment:	Good
Target Type:	ENVELOPE(with RM header)
Test Target:	For a message that is a resend, in a RM sequence that is not closed or terminated yet.
Test co-Target(s):
Test Prerequisite:
Predicate:	The message is not faulted by the RMD, AND the next acknowledgement shows it has been acknowledged.
Prescription:	mandatory
Reporting:	(default)
Test Control:	MIM to block messages, to cause significant delay in resending.

Test Assertion:	RSP0102
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Header/wsrm:Sequence = preceding:::Envelope/:Header/wsrm:Sequence] [some $tgenv in . satisfies not( some $clseq in $tgenv/preceding:::Envelope[:Body/wsrm:CloseSequence or :Body/wsrm:TerminateSequence ] satisfies $clseq/:Body//wsrm:Identifier = $tgenv/*:Header/wsrm:Sequence/wsrm:Identifier ) ]
Predicate:	( some $env in following:::Envelope[:Header/wsrm:SequenceAcknowledgement/wsrm:Identifier = $target/:Header/wsrm:Sequence/wsrm:Identifier] satisfies some $ackrange in $env/:Header/wsrm:SequenceAcknowledgement/wsrm:AcknowledgementRange satisfies ($ackrange/@Lower le $target/:Header/wsrm:Sequence/wsrm:MessageNumber and $ackrange/@Upper ge $target/:Header/wsrm:Sequence/wsrm:MessageNumber) ) and not (/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[not (@RelationshipType) or ( @RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' ) ] = $target/:Header/wsa:MessageID)] /wsil:messageContents/:Envelope/:Body/:Fault )
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Warning: One of these two conditions occurred: (a) A resent message (reliable messaging) was not acknowledged before the closing/termination of the RM sequence, or (b) the resent message was faulted. In both cases, this could be a sign that the receiving RMD did not accept the resent message: to investigate further.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0110
General Notes:	: The test assertion can just focus on the CreateSequence. Assume the CS message has wsa:MessageID, do we expect the same wsa:MessageID to be found in the resend, like R0120 requires for regular traffic messages? I don't think so. All we are interested in, is seeing the RMS resending on its own a CS (possibly different, even the seq ID in the "Offer" might have during such resending). When used in a controoled test envt (see "Test Control") it is best to set ReplyTo anon for the CS. But in a more general situation, one should also test for the "non-anon" case which is most likely to NOT be answered as it requires a new connection.
Coverage Assessment:	fair
Target Type:
Test Target:	A SOAP Envelope that contains a CreateSequence, that has not been replied to (no CSR). NOTE: Both reply cases (anon ReplyTo and non-anon) must be considered.
Test co-Target(s):
Test Prerequisite:
Predicate:	There is a CS iniitated by same endpoint as for the [target message], with same characteristics (e.g. w/o Offer, and wsa headers) that follows the non-answered [target message].
Prescription:	mandatory
Reporting:	true=passed, false=warning
Test Control:	Two test envts are possible: (a) an RMS initiating a sequence with a destination endpoint that is simply not RM-enabled (so no CSR will ever come back), (b) an RMS initiating a sequence with an RM-enabled destination. but an interception tool is capturing and dropping the CSR. NOTE: only (b) can be used for testing all lifecycle messages and not just CS. Also, both reply cases - anon and non-anon - must be considered.

Test Assertion:	RSP0110
Description:
Target:
Predicate:
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	COM0200
General Notes:	untestable without ESP, hard to simulate an rmd autonomous decision to discontinue a sequence hard to impossible.
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:
Test Control:

Test Assertion:	COM0200
Description:
Target:
Predicate:
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	COM0500
General Notes:	very hard to stimulate if at all (a heck of a lot of work)
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:
Test Control:

Test Assertion:	COM0500
Description:
Target:
Predicate:
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0501
General Notes:	Section 3.9 of WS-RM says that, when AcksTo is anonymous, the only way to transmit acknowledgments is over the back-channel created by an STM that is within the sequence to which the ack applies. The text in WS-RM applies to all acknowledgements. This requirement highlights piggybacked acknowledgments as a special case of this general rule. Crafting an assertion that checks for violation of this requirement should be fairly straightforward. However, to have any meaningful coverage, we need test scenarios that create an environment capable of stimulating the incorrect behavior. Essentially we need scenarios in which a single client/RMS creates two or more sequences with a single server/RMS using anonymous AcksTos in all the sequences and sends a either a series of one-way message or a series of request-response messages. To keep things simple, this later variation should not include reliability for the response messages
Coverage Assessment:	Partial (piggybacking difficult to stimulate).
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope in which: a. One or more SequenceAcknowledgment headers appear. b. The Body is not empty. c. The value of wsa:To is http://www.w3.org/2005/08/addressing/anonymous or in which wsa:To is absent. d. Transmitted in the body of an HTTP Response.
Test co-Target(s):
Test Prerequisite:
Predicate:	The value of each /wsrm:SequenceAcknowledgment/wsrm:Identifier element in the [target] matches the value of the /wsrm:Sequence/wsrm:Identifier in the message contained in the corresponding HTTP Request.
Prescription:	mandatory
Reporting:
Test Control:	Scenario: x.x.x Reliable_One_Way_Requests_Anon_AcksTo_Multiple_Sequences The client creates two sequences to the service in the identical way; the CreateSequence message contains an anonymous AcksTo and there is no Offer. The service supports a one-way message. The client reliably sends a number of messages to the service, alternating the sequence for each message. Scenario: x.x.x Reliable_Requests_Unreliable_Response_Anon_AcksTo_Multiple_Sequences The client creates two sequences to the service in the identical way; the CreateSequence message contains an anonymous AcksTo and there is no Offer. The service is configured to support reliable-request/non-reliable response. The client reliably sends a number of messages to the service, alternating the sequence for each message.

Test Assertion:	RSP0501
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Header/wsrm:SequenceAcknowledgement and (some $tgt in . satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsrm:AcksTo/wsa:Address = 'http://www.w3.org/2005/08/addressing/anonymous'] satisfies (some $csr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequenceResponse] satisfies ($tgt/:Header/wsrm:SequenceAcknowledgement/wsrm:Identifier = $csr/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier and ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID)))) ]
co-Target: myRequestMsg	/wsil:testLog/wsil:messageLog/wsil:message [@type = 'request' and (@conversation = $target/../../@conversation or .//*:Header/wsa:MessageID = $target//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)]) ]
Prerequisite:	not ($myRequestMsg/wsil:messageContents/:Envelope/:Body/wsmc:MakeConnection )
Predicate:	($target/../../@type = 'response') and ((every $seqack in $target/:Header/wsrm:SequenceAcknowledgement satisfies ($seqack/wsrm:Identifier = $myRequestMsg//:Envelope/:Header/wsrm:Sequence/wsrm:Identifier)) or ($target/:Body/wsrm:TerminateSequenceResponse/wsrm:Identifier = $myRequestMsg//:Envelope/:Body/wsrm:TerminateSequence/wsrm:Identifier) or ($target/:Body/wsrm:CloseSequenceResponse/wsrm:Identifier = $myRequestMsg//:Envelope/:Body/wsrm:CloseSequence/wsrm:Identifier)) and ($target/:Header/wsa:To = 'http://www.w3.org/2005/08/addressing/anonymous' or not($target/*:Header/wsa:To) )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A sequence acknowledgement message related to an RM Sequence defined with an AcksTo element set to wsa:AnonymousURI, was either sent back over an HTTP request, or was sent as a response to an HTTP request that did not carry a message sent reliably over the same RM Sequence.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0510
General Notes:	As the explanatory text describes, this requirement is about enforcing the following invariant: for Sequences in which the AcksTo EPR contains ReferenceParameters, any message containing SequenceAcknowledgement header(s) for such Sequences will also contain the AcksTo/wsa:ReferenceParameters in its SOAP headers. It is possible to create a test assertion for this requirement by correlating SequenceAcknowlement headers against the CreateSequence message for the Sequence to which they apply and checking for the presence of reflected reference parameter elements. As with the test for R0501, the problem lies in the test coverage. Without specific knowledge of an implementation, it is difficult to guess what might trigger it to piggyback acknowledgements. The best that can be done is to run test scenarios that create Sequences in which the AcksTo EPR contains reference parameters and see if there are any cases in which the SequenceAcknowledgment is not accompanied by the reflected reference parameter headers.
Coverage Assessment:	Partial (piggybacking difficult to stimulate).
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope in which: a. One or more SequenceAcknowledgment headers appear. b. The Body is a not empty. c. The Sequence identified by /wsrm:SequenceAcknowledgment/wsrm:Identifier was created by a CreateSequence message in which /wsrm:CreateSequence/wsrm:AcksTo/wsa:ReferenceParameters was not empty.
Test co-Target(s):
Test Prerequisite:
Predicate:	The value of each child element of /wsrm:CreateSequence/wsrm:AcksTo/wsa:ReferenceParameters must appear as a SOAP Header in the [target] and must be annotated with the wsa:IsReferenceParameter attribute. No other SOAP Headers besides these should be so annotated.
Prescription:	mandatory
Reporting:
Test Control:	(additional scenarios) Scenario: x.x.x Reliable_Request_Response_AcksTo_RefParm The client creates a sequence to the service with a CreateSequence message that contains a non-anonymous AcksTo with ReferenceParameters. The CreateSequence may or may not contain an Offer. The service supports reliable requests and either reliable or non-reliable responses. The client reliably sends a number of messages to the service. The /wsa:ReplyTo/wsa:Address for all these request should be identical to the /wsrm:CreateSequence/wsrm:AcksTo/wsa:Address but the /wsa:ReplyTo/wsa:ReferenceParameters should alternate between a set that is identical to /wsrm:CreateSequence/wsrm:AcksTo/wsa:ReferenceParameters and a set that is different.

Test Assertion:	RSP0510
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [ :Header[wsrm:SequenceAcknowledgement and not(:Header/wsse:Security//xenc:ReferenceList)] and :Body[node() and not(:Fault) and not(wsrm:)]] [ some $tgt in . satisfies some $csr in /wsil:testLog/wsil:messageLog/wsil:message//:Envelope[:Body/wsrm:CreateSequenceResponse][$tgt/:Header/wsrm:SequenceAcknowledgement/wsrm:Identifier = :Body/wsrm:CreateSequenceResponse/wsrm:Identifier] satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence] satisfies ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID)]
co-Target: mycreateseq	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ (:Body/wsrm:CreateSequence and (: --- case CS/CSR not encrypted --- :) (some $cs in . satisfies (some $csr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequenceResponse] satisfies ($target/:Header/wsrm:SequenceAcknowledgement/wsrm:Identifier = $csr/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier and ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID))))) ]
Predicate:	not($mycreateseq/:Body/wsrm:CreateSequence/wsrm:AcksTo/wsa:ReferenceParameters[])
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Warning: a SequenceAcknowledgement message is piggybacked, while relating to a sequence with wsrm:CreateSequence/wsrm:AcksTo value containing reference parameters. This is only allowed if the RMD is able to compare the value of the ReferenceParameters elements in order to determine if the piggybacking is appropriate.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0620a
General Notes:	For SOAP11
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope in which any of the following appear: a. wsrm:SequenceTerminated b. wsrm:UnknownSequence c. wsrm:InvalidAcknowledgment d. wsrm:MessageNumberRollover e. wsrm:CreateSequenceRefused f. wsrm:SequenceClosed g. wsrm:WSRMRequired
Test co-Target(s):
Test Prerequisite:
Predicate:	The [target] does not contain a wsrm:Sequence header.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	TBD – a scenario that causes either a wsrm:SequenceTerminated or wsrm:UnknownSequence fault.

Test Assertion:	RSP0620a
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/:Fault] [some $fc in :Header/:SequenceFault/:FaultCode satisfies (fn:namespace-uri-for-prefix(fn:substring-before($fc,':' ) , . ) = 'http://docs.oasis-open.org/ws-rx/wsrm/200702') or ( fn:substring-after($fc,':' ) eq 'SequenceTerminated' or fn:substring-after($fc,':' ) eq 'UnknownSequence' or fn:substring-after($fc,':' ) eq 'InvalidAcknowledgment' or fn:substring-after($fc,':' ) eq 'CreateSequenceRefused' or fn:substring-after($fc,':' ) eq 'MessageNumberRollover' or fn:substring-after($fc,':' ) eq 'SequenceClosed' or fn:substring-after($fc,':' ) eq 'WSRMRequired' )]
Predicate:	not(./:Header ) or ./:Header[not (wsrm:Sequence) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP11 wsrm error message contains a wsrm:Sequence header.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0620b
General Notes:	For SOAP12
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope in which any of the following appear: a. wsrm:SequenceTerminated b. wsrm:UnknownSequence c. wsrm:InvalidAcknowledgment d. wsrm:MessageNumberRollover e. wsrm:CreateSequenceRefused f. wsrm:SequenceClosed g. wsrm:WSRMRequired
Test co-Target(s):
Test Prerequisite:
Predicate:	The [target] does not contain a wsrm:Sequence header.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	TBD – a scenario that causes either a wsrm:SequenceTerminated or wsrm:UnknownSequence fault.

Test Assertion:	RSP0620b
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/:Fault] [some $fc in :Body/:Fault//:Value satisfies (fn:namespace-uri-for-prefix(fn:substring-before($fc,':' ) , . ) = 'http://docs.oasis-open.org/ws-rx/wsrm/200702') or ( fn:substring-after($fc,':' ) eq 'SequenceTerminated' or fn:substring-after($fc,':' ) eq 'UnknownSequence' or fn:substring-after($fc,':' ) eq 'InvalidAcknowledgment' or fn:substring-after($fc,':' ) eq 'MessageNumberRollover' or fn:substring-after($fc,':' ) eq 'CreateSequenceRefused' or fn:substring-after($fc,':' ) eq 'SequenceClosed' or fn:substring-after($fc,':' ) eq 'WSRMRequired' )]
Predicate:	not(./:Header ) or ./:Header[not (wsrm:Sequence) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A SOAP12 wsrm error message contains a wsrm:Sequence header.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	COM0700
General Notes:	not testable since generated faults may not be visible or if testable will never fail
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:
Test Control:

Test Assertion:	COM0700
Description:
Target:
Predicate:
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0800
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP0800
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/wsrm:CreateSequence][ some $cs in . satisfies some $mycsr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/wsrm:CreateSequenceResponse/wsrm:Identifier = /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope/:Header/wsrm:Sequence/wsrm:Identifier] satisfies ($mycsr/../../@conversation = $cs/../../@conversation) or ($mycsr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID)]
Predicate:	some $mycsr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body/wsrm:CreateSequenceResponse] [(./../../@conversation = $target/../../@conversation) or (:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID)] satisfies some $env in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsrm:Sequence/wsrm:Identifier = $mycsr/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier] satisfies ($env/:Header/wsa:To = $target/*:Header/wsa:To)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	None of the messages sent in a reliable sequence, has been sent to the same destination endpoint as the CreateSequence message (at least one should be).
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0900
General Notes:	When passing around EPRs (that do not have embedded WSDL) it is not clear which version of SOAP should be used when talking to that EPR. This requirement tries to answer this question at least with respect to RM Acks / AcksTo EPR by requiring the RMD to use the same SOAP version that was used in the originating CS message. This means that the RMD needs to save this information, where before this was not required
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope with a SeqAck Header
Test co-Target(s):
Test Prerequisite:
Predicate:	The [target] has the same SeqID value and SOAP Envelope namespace as the previous message that contains a CreateSequence or CreateSequenceResponse.
Prescription:	mandatory
Reporting:	true=warning, false=passed
Test Control:	Run a reliable request/response application message exchange. Create a sequence using a CreateSequence that includes an Offer element. This will ensure that the messages carrying the Acks in both directions are using the correct SOAP namespace.

Test Assertion:	RSP0900
Description:	This test assertion takes as prerequisite RSP8001, a "base TA" that does match any particular Rxxxx requirement, but matches fundamental requirements from RSP: namely that an Envelope is either under SOAP 1.2 or SOAP 1.1 namespace.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [(:Header/wsrm:SequenceAcknowledgement/wsrm:Identifier = preceding:::Envelope/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier) or (:Body/wsrm:CloseSequenceResponse/wsrm:Identifier = preceding:::Envelope/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier) or (:Body/wsrm:TerminateSequenceResponse/wsrm:Identifier = preceding:::Envelope/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier) or (*:Body/wsrm:CreateSequenceResponse)]
Prerequisite:	RSP8001
Predicate:	some $csr in /wsil:testLog/wsil:messageLog//:Envelope [:Body/wsrm:CreateSequenceResponse/wsrm:Identifier = $target/:Header/wsrm:SequenceAcknowledgement/wsrm:Identifier or (:Body/wsrm:CreateSequenceResponse/wsrm:Identifier = $target/:Body/wsrm:/wsrm:Identifier)] satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence] satisfies (($cs/../../@conversation = $csr/../../@conversation) or ($csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID)) and fn:namespace-uri($target) = fn:namespace-uri($cs)
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Some RM Lifecycle message related to a requested sequence (CreateSequence) was sent to the AcksTo EPR with a SOAP version different from the version used for the CreateSequence message.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0540
General Notes:
Coverage Assessment:	Good(should be able to cover all cases)
Target Type:	ENVELOPE
Test Target:	An ENVELOPE containing AckRequested or SequenceAcknowledgement
Test co-Target(s):
Test Prerequisite:
Predicate:	For any ENVELOPE containing AckRequested or SequenceAcknowledgement, and that is piggybacked (Body not empty), then such headers not have mustUnderstand attribute set to true ('1').
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:

Test Assertion:	RSP0540
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ (:Header/wsrm:AckRequested or :Header/wsrm:SequenceAcknowledgement) and not(:Header/wsse:Security//xenc:ReferenceList ) and :Body[element() and not(.//:EncryptedData) ]]
Predicate:	not (:Header/wsrm:AckRequested/attribute:::mustUnderstand = '1') and not (:Header/wsrm:AckRequested/attribute:::mustUnderstand = 'true') and not (:Header/wsrm:SequenceAcknowledgement/attribute:::mustUnderstand = '1') and not (:Header/wsrm:SequenceAcknowledgement/attribute:::mustUnderstand = 'true')
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	Some message containing AckRequested or SequenceAcknowledgement has mustUnderstand attribute set to true ('1'), while these headers were piggybacked on another message.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP0901
General Notes:	The possible lifecycle messages covered by this requirement are: CloseSequence and TerminateSequence. Similar to R0900, its not clear what version of SOAP should be used when sending messages to the CS/Offer/Endpoint EPR. This requirement would require an RMD to save the SOAP version of the CS and use that same version of any Close or Terminate Sequence messages sent to the CS/Offer/Endpoint EPR
Coverage Assessment:	Good(should be able to cover all cases)
Target Type:	ENVELOPE
Test Target:	A CloseSequence or TerminateSequence message
Test co-Target(s):
Test Prerequisite:
Predicate:	For any message that contains a CloseSequence or TerminateSequence element in the Body, extract the SeqID value and find (in a previous message) a CreateSequence, or CreateSequenceResponse, that references this SeqID. The namespace of the SOAP Envelope elements of these messages MUST be the same
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	Run a reliable request/response application message exchange. Create a sequence using a CreateSequence that includes an Offer element. To ensure the CloseSequence message is tested we could make sure there's a gap in the request sequence then have the RMS send a Close. This should cause the service to close the response sequence before it terminates it. Question: is there a RSP requirement that covers the non-Offered case? Seems like there should be but I can't find it

Test Assertion:	RSP0901
Description:	This test assertion takes as prerequisite RSP8001, a "base TA" that does match any particular Rxxxx requirement, but matches fundamental requirements from RSP: namely that an Envelope is either under SOAP 1.2 or SOAP 1.1 namespace.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [(:Header/wsrm:AckRequested/wsrm:Identifier = preceding:::Envelope/:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Identifier) or (:Body/wsrm:CloseSequence/wsrm:Identifier = preceding:::Envelope/:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Identifier) or (:Body/wsrm:TerminateSequence/wsrm:Identifier = preceding:::Envelope/:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Identifier) ]
Prerequisite:	RSP8001
Predicate:	some $cs in preceding:::Envelope [:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Identifier = $target/:Header/wsrm:AckRequested/wsrm:Identifier or (:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Identifier = $target/:Body/wsrm:/wsrm:Identifier)] satisfies fn:namespace-uri($target) = fn:namespace-uri($cs)
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	Some RM Lifecycle message related to an offered sequence (CreateSequence) was sent to the CreateSequence/Offer/Endpoint EPR with a SOAP version different from the version used for the CreateSequence message.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1000
General Notes:	NOTE1: We are not sure how to stimulate this fault. we might be able to send a particular token that we do not expect any service to (willingly) support. or we could send all of the type of well known tokens and report those that are not supported by a particular implementation report this specific fault. can test only those tokens we make up or know about (cannot test all potential custom tokens)
Coverage Assessment:	Partial
Target Type:	ENVELOPE (Fault)
Test Target:	fault returned instead of response to unknown RST, (correlation done with wsa)
Test co-Target(s):
Test Prerequisite:
Predicate:	Exists a Fault message that correlates, with faultcode=stated in requirement
Prescription:	mandatory
Reporting:	true=passed, false=warning
Test Control:	generate (or MIM intercept and corrupt) RST that can't be supported.

Test Assertion:	RSP1000
Description:
Target:
Predicate:
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1100
General Notes:	NOTE1: the predicate is weaker than the profile req, hence true=undetermined, but false= a sure failure.
Coverage Assessment:	Partial
Target Type:	ENVELOPE (with wst:RST)
Test Target:	For an Envelope with RST and action URI=....
Test co-Target(s):
Test Prerequisite:
Predicate:	It has Security header that references SOAP body.
Prescription:	mandatory
Reporting:	true=undetermined, false=fail
Test Control:	Text env: must implement RMS->scenario to generate the TA context

Test Assertion:	RSP1100
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body//wst:RequestSecurityToken and *:Header/wsa:Action eq 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Amend']
Predicate:	some $dsig in $target/:Header/wsse:Security//ds:Signature satisfies ($dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/@wsu:Id]) or ( ($dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/:Header/@wsu:Id] or (every $cruxp in $target/:Header/wsrm: \| $target/:Header/wsa: satisfies some $ref in $dsig//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $cruxp/@wsu:Id)) and ( $dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/:Body/@wsu:Id] or (every $cruxp in $target/:Body/* satisfies some $ref in $dsig//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $cruxp/@wsu:Id )) )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	An ENVELOPE containing a wst:RequestSecurityToken for amending a Security Context, does not contain a Signature element in a wsse header that references both the SOAP body (using @wsu:Id) and crucial wsrm or wsa headers.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	COM1101
General Notes:	untestable due to key comparison issue. Same for R1111, R1121.
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:
Test Control:

Test Assertion:	COM1101
Description:
Target:
Predicate:
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1110
General Notes:	NOTE1: the predicate is weaker than the profile req, hence true=undetermined, but false= a sure failure.
Coverage Assessment:	Partial
Target Type:	ENVELOPE
Test Target:	For an Envelope with RST and action URI=....
Test co-Target(s):
Test Prerequisite:
Predicate:	It has Security header that references SOAP body.
Prescription:	mandatory
Reporting:	true=undetermined, false=fail
Test Control:	Text env: must implement RMS->scenario to generate the TA context

Test Assertion:	RSP1110
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body//wst:RequestSecurityToken and *:Header/wsa:Action eq 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Renew']
Predicate:	some $dsig in $target/:Header/wsse:Security//ds:Signature satisfies ($dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/@wsu:Id]) or ( ($dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/:Header/@wsu:Id] or (every $cruxp in $target/:Header/wsrm: \| $target/:Header/wsa: satisfies some $ref in $dsig//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $cruxp/@wsu:Id)) and ( $dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/:Body/@wsu:Id] or (every $cruxp in $target/:Body/* satisfies some $ref in $dsig//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $cruxp/@wsu:Id )) )
Reporting:	true=warning, false=failed
Prescription:	mandatory
Error Message:	An ENVELOPE containing a wst:RequestSecurityToken for renewing a Security Context, does not contain a Signature element in a wsse header that references both the SOAP body (using @wsu:Id) and crucial wsrm or wsa headers.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1120
General Notes:	NOTE1: the predicate is weaker than the profile req, hence true=undetermined, but false= a sure failure.
Coverage Assessment:	Partial
Target Type:	ENVELOPE
Test Target:	For an Envelope with RST and action URI=....
Test co-Target(s):
Test Prerequisite:
Predicate:	It has Security header that references SOAP body.
Prescription:	mandatory
Reporting:	true=undetermined, false=fail
Test Control:	Text env: must implement RMS->scenario to generate the TA context

Test Assertion:	RSP1120
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [:Body//wst:RequestSecurityToken and *:Header/wsa:Action eq 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Cancel']
Predicate:	some $dsig in $target/:Header/wsse:Security//ds:Signature satisfies ($dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/@wsu:Id]) or ( ($dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/:Header/@wsu:Id] or (every $cruxp in $target/:Header/wsrm: \| $target/:Header/wsa: satisfies some $ref in $dsig//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $cruxp/@wsu:Id)) and ( $dsig//ds:Reference[fn:substring-after(@URI, '#') eq $target/:Body/@wsu:Id] or (every $cruxp in $target/:Body/* satisfies some $ref in $dsig//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $cruxp/@wsu:Id )) )
Reporting:	true=warning, false=failed
Prescription:	mandatory
Error Message:	An ENVELOPE containing a wst:RequestSecurityToken for canceling a Security Context, does not contain a Signature element in a wsse header that references both the SOAP body (using @wsu:Id) and crucial wsrm or wsa headers.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1121
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:

Test Assertion:	RSP1121
Description:
Target:
Predicate:
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1200
General Notes:
Coverage Assessment:	Partial
Target Type:	ENVELOPE
Test Target:	For an Envelope with RST/SCT/renew action URI
Test co-Target(s):
Test Prerequisite:
Predicate:	It correlates with RSTR/SCT that correlates with original RST and renew that has auth mechanism
Prescription:	mandatory
Reporting:	true=warning, false=warning
Test Control:

Test Assertion:	RSP1200
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[./:Body//wst:RequestSecurityToken and ./*:Header/wsa:Action eq 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Renew']
co-Target: myOriginalRSTR	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body//wst:RequestSecurityTokenResponse and :Header/wsa:Action eq 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT'] [:Body//wst:RequestSecurityTokenResponse/wst:RequestedSecurityToken/wssc:SecurityContextToken/wssc:Identifier = $target/*:Body//wst:RequestSecurityToken/wst:RenewTarget/wsse:SecurityTokenReference/wsse:Reference/@URI ]
Predicate:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body//wst:RequestSecurityToken and :Header/wsa:Action eq 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT'] [(../../@conversation = $myOriginalRSTR/../../@conversation) or ($myOriginalRSTR/:Header/wsa:RelatesTo[not (@RelationshipType) or ( @RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' )] = ./:Header/wsa:MessageID) ]/:Header/wsse:Security/ds:Signature/ds:KeyInfo//wsse:Reference/@URI = $target/*:Header/wsse:Security/ds:Signature/ds:KeyInfo//wsse:Reference/@URI
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A renew security context message did not correlate with an original RST token issuance request that used the same authentication mechanism - i.e. here a Signature with KeyInfo that refer to same certificate ID.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1001
General Notes:	This is a scenario-dependent TA: it only triggers on "non-recognized" content of a certain kind: element with a namespace = http://dummy.example.org/unknown/nmspace
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope with an SCT that has been obtained from a previous RSTR message, where the SCT did first appear with an unrecognizable content
Test co-Target(s):
Test Prerequisite:
Predicate:	The used SCT still has the same unrecognizable content.
Prescription:	mandatory
Reporting:	true=pass, false=failed
Test Control:	scenario to provide context.

Test Assertion:	RSP1001
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope [ some $sct in :Header//wssc:SecurityContextToken satisfies some $sct0 in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope//wst:RequestSecurityTokenResponse//wssc:SecurityContextToken satisfies $sct0/wssc:Identifier = $sct/wssc:Identifier and (some $elt in $sct0// satisfies string(fn:namespace-uri($elt)) = 'http://dummy.example.org/unknown/nmspace') ]
Predicate:	some $elt in $target/:Header//wssc:SecurityContextToken// satisfies string(fn:namespace-uri($elt)) = 'http://dummy.example.org/unknown/nmspace'
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	An Envelope with an SCT that originally contained an unrecognizable content (with unrecognizable namespace: http://dummy.example.org/unknown/nmspace') has been stripped from this unrecognizable content when reused.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1300
General Notes:	NOTE1:Type=Feature Usage. NOTE2: investigate ways at improving the context. NOTE3: coverage is good, but possiblemany false negatives
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope with wssc:Security or RST or RSTR and with SCT refs
Test co-Target(s):
Test Prerequisite:
Predicate:	In the envelope, there exists wssc:STR/ref [@URI does not start with "#"]
Prescription:	mandatory
Reporting:	true=pass, false=warning
Test Control:	scenario to provide context.

Test Assertion:	RSP1300
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsse:Security//wssc:SecurityContextToken or .//wst:RequestSecurityTokenReponse//wssc:SecurityContextToken or .//wst:RequestSecurityToken//wssc:SecurityContextToken][.//wsse:SecurityTokenReference/wsse:Reference/@URI] [some $tgt in . satisfies some $resp in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope satisfies ($resp/../../@conversation = $tgt/../../@conversation) or ($resp/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $tgt/:Header/wsa:MessageID)]
Predicate:	not( wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[(./../../@conversation = $target/../../@conversation) or (:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID)][:Body/*:Fault] )
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	An Envelope with wssc:Security or RST or RSTR and with SecurityContextToken that have either message dependent or independent message references, has been Faulted. User should verify that it is not faulted because of the receiver not supporting some type of message reference (either message dependent or independent message reference)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1310
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope with wsc:DKT
Test co-Target(s):
Test Prerequisite:
Predicate:	there exists DKT/STR and there exists a message with (SCT/identifier=STR/Refrence@URI)
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP1310
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsse:Security//wssc:DerivedKeyToken/wsse:SecurityTokenReference]
Predicate:	(some $rstr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope satisfies $rstr/:Header/wsa:Action eq 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT' ) and $target/*:Header/wsse:Security//wssc:DerivedKeyToken/wsse:SecurityTokenReference/wsse:Reference/@URI
Reporting:	true=warning, false=failed
Prescription:	mandatory
Error Message:	In case of warning: the test is inconclusive as the related RequestSecurityTokenResponse content could not be accessed. In case of failure: an Envelope with wsc:DerivedKeyToken does not refer (with wsse:SecurityTokenReference) to a wssc:SecurityContextToken returned in a RequestSecurityTokenResponse message, or the related RequestSecurityTokenResponse message is missing.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3010
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:	For an Envelope that contains a wsrm:CreateSequence element that has security token ref
Test co-Target(s):
Test Prerequisite:
Predicate:	Envelope includes the UsesSequenceSTR header
Prescription:	mandatory
Reporting:	(default)
Test Control:	scenario provide the expected "context" (manipulate content of CreateSequence)

Test Assertion:	RSP3010
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference]
Predicate:	./*:Header/wsrm:UsesSequenceSTR
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	An Envelope that contains a wsrm:CreateSequence element that has a security token reference (wsse:SecurityTokenReference) does not include the UsesSequenceSTR header.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3100a
General Notes:	The signature elt contains a key ref that points to CreateSequence (the CS defining a Secured RM Sequence), and either (a) the sig signs directly the Body, or (b) signs another sig element with same key ref, that itself references the Body.
Coverage Assessment:	Partial
Target Type:	ENVELOPE
Test Target:	In an Envelope that belong to a secured RM seq. (has a related qualifying CS that contains UsesSequenceSTR)
Test co-Target(s):
Test Prerequisite:
Predicate:	(negative case) there is a sig element that signs the seq Header that does not also reference the Body OR there is no element that signs the body
Prescription:	mandatory
Reporting:	true=fail, false=undetermined
Test Control:

Test Assertion:	RSP3100a
Description:	Case non-encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsse:Security and :Header/wsrm:Sequence and not(:Header/wsse:Security//xenc:ReferenceList)][ some $tgt in . satisfies some $csr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[$tgt/:Header/wsrm:Sequence/wsrm:Identifier = :Body/wsrm:CreateSequenceResponse/wsrm:Identifier] satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference] satisfies ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/*:Header/wsa:MessageID)]
Predicate:	some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $target/:Header/wsrm:Sequence/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/*:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	In an Envelope that belong to a secured RM sequence the wsrm:Sequence element is not signed. (Case with wsrm:CSR non-encrypted)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3100b
General Notes:	The signature elt contains a key ref that points to CreateSequence (the CS defining a Secured RM Sequence), and either (a) the sig signs directly the Body, or (b) signs another sig element with same key ref, that itself references the Body.
Coverage Assessment:	Partial
Target Type:	ENVELOPE
Test Target:	In an Envelope that belong to a secured RM seq. (has a related qualifying CS that contains UsesSequenceSTR)
Test co-Target(s):
Test Prerequisite:
Predicate:	(negative case) there is a sig element that signs the seq Header that does not also reference the Body OR there is no element that signs the body
Prescription:	mandatory
Reporting:	true=fail, false=undetermined
Test Control:

Test Assertion:	RSP3100b
Description:	Case encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsrm:Sequence and not(:Header/wsse:Security//xenc:ReferenceList)] [ some $tgt in . satisfies (some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference or (:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence' and (:Body//:EncryptedData or :Header//xenc:ReferenceList))] satisfies ($cs/:Header/wsa:To = $tgt/:Header/wsa:To and not(/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence[not(wsse:SecurityTokenReference)] and not(:Header/wsse:Security//xenc:ReferenceList) ])))]
Predicate:	some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $target/:Header/wsrm:Sequence/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/*:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	In an Envelope that belong to a secured RM sequence the wsrm:Sequence element is not signed. (Case with wsrm:CSR encrypted)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3101a
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:

Test Assertion:	RSP3101a
Description:	Case non-encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsse:Security and *:Header/wsrm:Sequence]
Prerequisite:	RSP3100a
Predicate:	( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) or ( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $target/:Body/@wsu:Id and (some $ref2 in $ref/../ds:Reference satisfies ( fn:substring-after($ref2/@URI, '#') = $target/:Header/@wsu:Id or fn:substring-after($ref2/@URI, '#') = $target/*:Header/wsrm:Sequence/@wsu:Id )) ))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The wsrm:Sequence element is not signed with the same signature as the Body signature, based on existing @wsu:Id references.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3101b
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:

Test Assertion:	RSP3101b
Description:	Case encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsse:Security and *:Header/wsrm:Sequence]
Prerequisite:	RSP3100b
Predicate:	( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) or ( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $target/:Body/@wsu:Id and (some $ref2 in $ref/../ds:Reference satisfies ( fn:substring-after($ref2/@URI, '#') = $target/:Header/@wsu:Id or fn:substring-after($ref2/@URI, '#') = $target/*:Header/wsrm:Sequence/@wsu:Id )) ))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The wsrm:Sequence element is not signed with the same signature as the Body signature, based on existing @wsu:Id references.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2112
General Notes:	This requirement focuses on ensuring that when RM is being used by an anonymous endpoint, that the MC Anonymous URI is used so that the full features of RM can still continue to be used. So: IF MC anon used in request, and same used i response/wsa:To then OK else Fail. IF MC anon not used in request, but regular anon, THEN fail.
Coverage Assessment:	Good (should be able to cover all cases)
Target Type:	ENVELOPE
Test Target:	Any Message sent on an HTTP response flow that contains a wsrm:Sequence Header.
Test co-Target(s):
Test Prerequisite:
Predicate:	The [target] has a wsa:To Header whose value is an instance of the MC Anonymous URI (ie. starts with "http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=").
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	Run some request/response tests and set the wsa:ReplyTo of the request messages (from a non-addressable endpoint) to an instance of the MC Anonymous URI Template.

Test Assertion:	RSP2112
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[@type = 'response' and .//:Header/wsrm:Sequence][some $resp1 in . satisfies some $req1 in /wsil:testLog/wsil:messageLog/wsil:message[@type = 'request' and (@conversation = $resp1/@conversation or .//:Header/wsa:MessageID = $resp1//wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)]) (: and .//:Header/wsrm:Sequence :) ] satisfies ((fn:contains(xsd:string($req1//:Header/wsa:ReplyTo/wsa:Address), 'anonymous') or not($req1//:Header/wsa:ReplyTo)) and $req1/wsil:messageContents/:Envelope/*:Body/wsmc:MakeConnection) ]
Predicate:	fn:contains(xsd:string(.//*:Header/wsa:To[1]), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=')
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A Message sent on an HTTP response contains a wsrm:Sequence Header, but the wsa:To Header is not an instance of the MC Anonymous URI (ie. does not start with 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=')
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP2111
General Notes:	This is a test to make sure that messages targeted to the MakeConnection Anonymous URI flow over an HTTP response flow (as opposed to an HTTP request flow).
Coverage Assessment:	Good (should be able to cover all cases)
Target Type:	ENVELOPE
Test Target:	A message with a wsa:To value set to an instance of the MC Anonymous URI template (ie. starts with "http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=" ).
Test co-Target(s):
Test Prerequisite:
Predicate:	The [target] is an HTTP response message.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	Run some request/response tests and set the wsa:ReplyTo of the request messages (from a non-addressable endpoint) to an instance of the MC Anonymous URI Template.

Test Assertion:	RSP2111
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message[fn:contains(xsd:string(.//*:Header/wsa:To[1]), 'http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=')]
Predicate:	@type = 'response'
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A message with a wsa:To value set to an instance of the MC Anonymous URI template (ie. starts with "http://docs.oasis-open.org/ws-rx/wsmc/200702/anonymous?id=" ) is not sent as an HTTP response.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3102
General Notes:
Coverage Assessment:	Good
Target Type:	ENVELOPE
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	true=pass, false=fail
Test Control:

Test Assertion:	RSP3102
Description:
Target:
Predicate:
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3110a
General Notes:
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:
Test Control:

Test Assertion:	RSP3110a
Description:	Case non-encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CloseSequence or :Body/wsrm:TerminateSequence or :Body/wsrm:CreateSequenceResponse or :Body/wsrm:TerminateSequenceResponse or :Body/wsrm:CloseSequenceResponse] [ some $tgt in . satisfies some $csr in /wsil:testLog/wsil:messageLog/wsil:message//:Envelope[:Body/wsrm:CreateSequenceResponse][$tgt/:Body//wsrm:Identifier = :Body/wsrm:CreateSequenceResponse/wsrm:Identifier] satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference] satisfies ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID)]
Predicate:	$target/:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $target/:Body/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The Body of an RM Sequence LifeCycle message that relates to a secure RM sequence is not included in a Signature. (Case non-encrypted CS/CSR)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3110b
General Notes:
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:
Test Control:

Test Assertion:	RSP3110b
Description:	Case encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CloseSequence or :Body/wsrm:TerminateSequence or :Body/wsrm:CreateSequenceResponse or :Body/wsrm:TerminateSequenceResponse or :Body/wsrm:CloseSequenceResponse] [ some $tgt in . satisfies (some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference or (:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence' and (:Body//:EncryptedData or :Header//xenc:ReferenceList))] satisfies not(/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence[not(wsse:SecurityTokenReference)] and not(*:Header/wsse:Security//xenc:ReferenceList) ]))]
Predicate:	$target/:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $target/:Body/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The Body of an RM Sequence LifeCycle message that relates to a secure RM sequence is not included in a Signature. (Case encrypted CS/CSR)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3114a
General Notes:
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3114a
Description:	Case non-encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[(:Header/wsrm:AckRequested or :Header/wsrm:SequenceAcknowledgement) and not(:Header/wsse:Security//xenc:ReferenceList)][ some $tgt in . satisfies some $csr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequenceResponse][$tgt/:Header//wsrm:Identifier = :Body/wsrm:CreateSequenceResponse/wsrm:Identifier] satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference] satisfies ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID)]
Prerequisite:	RSP3110a
Predicate:	(not($target/:Header/wsrm:AckRequested) or (some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/:Header/wsrm:AckRequested/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id )) and (not($target/:Header/wsrm:SequenceAcknowledgement) or (some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/:Header/wsrm:SequenceAcknowledgement/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The wsrm:AckRequested header that relates to a secure RM sequence is not included in a Signature. (Case with wsrm:CSR non-encrypted)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3114b
General Notes:
Coverage Assessment:
Target Type:
Test Target:
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3114b
Description:	Case encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[(:Header/wsrm:AckRequested or :Header/wsrm:SequenceAcknowledgement) and not(:Header/wsse:Security//xenc:ReferenceList) ] [ some $tgt in . satisfies (some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference or (:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence' and (:Body//:EncryptedData or :Header//xenc:ReferenceList))] satisfies (($cs/:Header/wsa:To = $tgt/:Header/wsa:To or not($tgt/:Header/wsrm:AckRequested)) and not(/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence[not(wsse:SecurityTokenReference)] and not(:Header/wsse:Security//xenc:ReferenceList) ])))]
Prerequisite:	RSP3110b
Predicate:	$target/:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies ((fn:substring-after($ref/@URI, '#') = $target/:Header/wsrm:AckRequested/@wsu:Id or not($target/:Header/wsrm:AckRequested )) and (fn:substring-after($ref/@URI, '#') = $target/:Header/wsrm:SequenceAcknowledgement/@wsu:Id or not($target/:Header/wsrm:SequenceAcknowledgement ))) or fn:substring-after($ref/@URI, '#') = $target/:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The wsrm:AckRequested header or wsrm:SequenceAcknowledgement element that relates to a secure RM sequence is not included in a Signature (Case with wsrm:CSR encrypted).
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3117a
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap12 Fault. a SOAP12 fault that has in its detail element wsrm identifier that refers to a known Secured Seq
Test co-Target(s):
Test Prerequisite:
Predicate:	like R3110
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3117a
Description:	Case non-encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap12:Envelope[soap12:Body/soap12:Fault][ some $tgt in . satisfies some $csr in /wsil:testLog/wsil:messageLog/wsil:message//:Envelope[:Body/wsrm:CreateSequenceResponse][$tgt/:Body/soap12:Fault/soap12:Detail//wsrm:Identifier = :Body/wsrm:CreateSequenceResponse/wsrm:Identifier] satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference] satisfies ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID)]
Predicate:	$target/*:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $target/soap12:Body/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The soap12:Fault element that relates to a secure RM sequence, is not included in a Signature. (Case non-encrypted CS/CSR)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3117b
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap12 Fault. a SOAP12 fault that has in its detail element wsrm identifier that refers to a known Secured Seq
Test co-Target(s):
Test Prerequisite:
Predicate:	like R3110
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3117b
Description:	Case encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap12:Envelope[soap12:Body/soap12:Fault/soap12:Detail//wsrm:Identifier][ some $tgt in . satisfies (some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap12:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference or (:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence' and (:Body//:EncryptedData or :Header//xenc:ReferenceList))] satisfies not(/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequence[not(wsse:SecurityTokenReference)] and not(:Header/wsse:Security//xenc:ReferenceList) ]))]
Predicate:	$target/*:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $target/soap12:Body/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The soap12:Fault element that relates to a secure RM sequence, is not included in a Signature. (Case encrypted CS/CSR)
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3120a
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap11 Fault.
Test co-Target(s):
Test Prerequisite:
Predicate:	like R3100
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3120a
Description:	Case non encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[soap11:Header/wsrm:SequenceFault][ some $tgt in . satisfies some $fms in preceding::soap11:Envelope[./../../@conversation = $tgt/../../@conversation or $tgt/soap11:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = ./soap11:Header/wsa:MessageID] satisfies some $csr in $fms/preceding:::Envelope[:Body/wsrm:CreateSequenceResponse][$fms/soap11:Header/wsrm:Sequence/wsrm:Identifier = :Body/wsrm:CreateSequenceResponse/wsrm:Identifier] satisfies some $cs in $csr/preceding:::Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference] satisfies ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/*:Header/wsa:MessageID)]
Predicate:	$target/soap11:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $target/soap11:Header/wsrm:SequenceFault/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/soap11:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The wsrm:SequenceFault element of a SOAP 1.1 envelope is not signed while referring to a secure RM sequence.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3120b
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap11 Fault.
Test co-Target(s):
Test Prerequisite:
Predicate:	like R3100
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3120b
Description:	Case encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[soap11:Header/wsrm:SequenceFault and not(soap11:Header/wsse:Security//xenc:ReferenceList)][ some $tgt in . satisfies some $fms in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[./../../@conversation = $tgt/../../@conversation or $tgt/soap11:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = ./soap11:Header/wsa:MessageID] satisfies some $cs in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference or (:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence' and (:Body//:EncryptedData or :Header//xenc:ReferenceList))] satisfies not(/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[:Body/wsrm:CreateSequence[not(wsse:SecurityTokenReference)] and not(*:Header/wsse:Security//xenc:ReferenceList) ]) ]
Predicate:	$target/soap11:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $target/soap11:Header/wsrm:SequenceFault/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/soap11:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The wsrm:SequenceFault element of a SOAP 1.1 envelope is not signed while referring to a secure RM sequence.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3120c
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap11 Fault.
Test co-Target(s):
Test Prerequisite:
Predicate:	like R3100
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3120c
Description:	Case where CS itself is faulted
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[soap11:Header/wsrm:SequenceFault and not(soap11:Header/wsse:Security//xenc:ReferenceList)][ some $tgt in . satisfies some $fms in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[:Body/wsrm:CreateSequence/wsse:SecurityTokenReference or (:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence' and (:Body//:EncryptedData or *:Header//xenc:ReferenceList))] satisfies ($fms/../../@conversation = $tgt/../../@conversation) or ($tgt/soap11:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $fms/soap11:Header/wsa:MessageID)]
Predicate:	$target/soap11:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $target/soap11:Header/wsrm:SequenceFault/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/soap11:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The wsrm:SequenceFault element of a SOAP 1.1 envelope is not signed while referring to a secure RM sequence.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3121a
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap11 Fault. a SOAP11 fault that has in its detail element wsrm identifier that refers to a known Secured Seq
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3121a
Description:	Case non-encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[soap11:Header/wsrm:SequenceFault]
Prerequisite:	RSP3120a
Predicate:	$target/soap11:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies ( ( fn:substring-after($ref/@URI, '#') = $target/soap11:Header/wsrm:SequenceFault/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/soap11:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) and (some $ref2 in $ref/../ds:Reference satisfies ( fn:substring-after($ref2/@URI, '#') = $target/soap11:Body/@wsu:Id or fn:substring-after($ref2/@URI, '#') = $target/@wsu:Id ))) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The Body of a SOAP 1.1 message with signed wsrm:SequenceFault element is not covered by the same signature while referring to a secure RM sequence.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3121b
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap11 Fault. a SOAP11 fault that has in its detail element wsrm identifier that refers to a known Secured Seq
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP3121b
Description:	Case encrypted CS/CSR
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/soap11:Envelope[soap11:Header/wsrm:SequenceFault]
Prerequisite:	RSP3120b
Predicate:	$target/soap11:Header/wsse:Security[ some $ref in .//ds:Signature//ds:Reference satisfies ( ( fn:substring-after($ref/@URI, '#') = $target/soap11:Header/wsrm:SequenceFault/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/soap11:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) and (some $ref2 in $ref/../ds:Reference satisfies ( fn:substring-after($ref2/@URI, '#') = $target/soap11:Body/@wsu:Id or fn:substring-after($ref2/@URI, '#') = $target/@wsu:Id ))) ]
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The Body of a SOAP 1.1 message with signed wsrm:SequenceFault element is not covered by the same signature while referring to a secure RM sequence.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1400
General Notes:
Coverage Assessment:
Target Type:	ENVELOPE
Test Target:	Envelope with a signed body and some wsa headers.
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP1400
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ some $tgt in . satisfies some $ref in :Header/wsse:Security//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $tgt/*:Body/@wsu:Id or fn:substring-after($ref/@URI, '#') = $tgt/@wsu:Id )]
Predicate:	( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) or ( every $wsah in $target/:Header/wsa: satisfies some $ref in $target/*:Header/wsse:Security//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $wsah/@wsu:Id))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The SOAP Body of a message is signed but some ws-addressing header is not.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1401
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap11 Fault. a SOAP11 fault that has in its detail element wsrm identifier that refers to a known Secured Seq
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP1401
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsse:Security and :Header/wsa:]
Prerequisite:	RSP1400
Predicate:	( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) or ( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $target/:Body/@wsu:Id and (every $wsah in $target/:Header/wsa:* satisfies some $ref2 in $ref/../ds:Reference satisfies ( fn:substring-after($ref2/@URI, '#') = $wsah/@wsu:Id)) ) )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	Some ws-addressing header is not signed with the same signature as the Body of the message (based on @wsu:Id references).
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1402
General Notes:
Coverage Assessment:
Target Type:	ENVELOPE
Test Target:	Envelope with a signed body and some wsa headers.
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP1402
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header//@wsa:IsReferenceParameter][ some $tgt in . satisfies some $ref in :Header/wsse:Security//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $tgt/*:Body/@wsu:Id or fn:substring-after($ref/@URI, '#') = $tgt/@wsu:Id )]
Predicate:	( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/:Header/@wsu:Id or fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) or ( every $rfp in $target/:Header/[@wsa:IsReferenceParameter] satisfies some $ref in $target/*:Header/wsse:Security//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $rfp/@wsu:Id))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The SOAP Body of a message is signed but some ws-addressing reference parameter header block is not.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP1403
General Notes:
Coverage Assessment:	partial (does not cover UnknownSequence Fault)
Target Type:	ENVELOPE
Test Target:	Envelope with Soap11 Fault. a SOAP11 fault that has in its detail element wsrm identifier that refers to a known Secured Seq
Test co-Target(s):
Test Prerequisite:
Predicate:
Prescription:	mandatory
Reporting:	(default)
Test Control:

Test Assertion:	RSP1403
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsse:Security and :Header//@wsa:IsReferenceParameter]
Prerequisite:	RSP1402
Predicate:	( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) or ( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $target/:Body/@wsu:Id and (every $rfp in $target/:Header/*[@wsa:IsReferenceParameter] satisfies some $ref2 in $ref/../ds:Reference satisfies ( fn:substring-after($ref2/@URI, '#') = $rfp/@wsu:Id)) ) )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	Some ws-addressing reference parameter header block is not signed with same signature as the SOAP Body of the message (based on @wsu:Id references).
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3201
General Notes:
Coverage Assessment:
Target Type:	ENVELOPE
Test Target:	Env contains MessagePending header AND whose Body is being signed (relates to Secured RM Seq)
Test co-Target(s):
Test Prerequisite:
Predicate:	(a) is signed, (b) signature covers both the header block and the Body. The [target]'s security Header that indicates the Body is signed also includes a reference to the wsu:Id of the MessagePending Header
Prescription:	mandatory
Reporting:	(default)
Test Control:	Run some secure request/response tests where there are several request messages being processed at the same time (ie. they are not serialized). Also, set the wsa:ReplyTo of the request messages (from a non-addressable endpoint) to an instance of the MC Anonymous URI Template.

Test Assertion:	RSP3201
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsse:Security and :Header/wsmc:MessagePending and (some $tgt in . satisfies some $ref in :Header/wsse:Security//ds:Signature//ds:Reference satisfies (fn:substring-after($ref/@URI, '#') = $tgt/*:Body/@wsu:Id or fn:substring-after($ref/@URI, '#') = $tgt/@wsu:Id ))]
Predicate:	( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies fn:substring-after($ref/@URI, '#') = $target/@wsu:Id ) or ( some $ref in $target/:Header/wsse:Security//ds:Signature//ds:Reference satisfies ( fn:substring-after($ref/@URI, '#') = $target/:Body/@wsu:Id and (some $ref2 in $ref/../ds:Reference satisfies ( fn:substring-after($ref2/@URI, '#') = $target/:Header/wsmc:MessagePending/@wsu:Id))) )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The wsmc:MessagePending header block is not signed with same signature as the Soap Body (based on @wsu:Id references).
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3300
General Notes:
Coverage Assessment:	Good (should be able to cover all cases)
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope that belongs to a Secure Sequence, i.e. with a wsrm:Sequence/wsrm:Identifier element that match the wsrm:CreateSequenceResponse/wsrm:Identifier that is response of a wsrm:CreateSequence element extended with a wsse:SecurityTokenReference element.
Test co-Target(s):
Test Prerequisite:
Predicate:	The SOAP Envelope contains a wsse:Security header that has a wsu:Timestamp child element.
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	No WS-SecurityPolicy assertions will be deployed or published. Initiate a Secure Sequence (wsrm:CreateSequence element has been extended with a wsse:SecurityTokenReference element). Then RMS is sending messages over this sequence.

Test Assertion:	RSP3300
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsrm:Sequence][:Header/wsse:Security] [not(:Header/wsrm:Sequence/wsrm:Identifier = /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope/:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Identifier)]
co-Target: mycreateseq	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ (:Body/wsrm:CreateSequence and (: --- case CS/CSR not encrypted --- :) (some $cs in . satisfies (some $csr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequenceResponse] satisfies ($target/:Header/wsrm:Sequence/wsrm:Identifier = $csr/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier and ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID))))) or (: --- case CS/CSR encrypted --- :) ( (:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence' and (:Body//:EncryptedData or :Header/wsse:Security//xenc:ReferenceList)) and (:Header/wsa:To = $target/:Header/wsa:To or $target/../../@type = 'response') ) ]
Prerequisite:	$mycreateseq/:Body/wsrm:CreateSequence/wsse:SecurityTokenReference or $mycreateseq/:Header/wsse:Security//xenc:ReferenceList
Predicate:	$target/*:Header/wsse:Security/wsu:Timestamp
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	A SOAP Envelope that belongs to a Secure Sequence does not contain a wsse:Security header that has a wsu:Timestamp child element.
Diagnostic Data:

Test Assertion

Test Assertion Analysis:	RSP3301
General Notes:	This is a more general situation than R3300: a WS-SecurityPolicy assertions may or may not be deployed, that controls the presence of wsu:Timestamp. Although the Rxxxx is considering a pair of Envelopes, the test target (and predicate) focus on a single one at a time.
Coverage Assessment:	Good (should be able to cover all cases)
Target Type:	ENVELOPE
Test Target:	A SOAP Envelope that belongs to a Secure Sequence, (see the filter condition in R3300 for this)
Test co-Target(s):
Test Prerequisite:
Predicate:	if the SOAP Envelope contains a wsse:Security/wsu:Timestamp child element, then any previous RM retry SOAP Envelope (same wsrm:Sequence/wsrm:Identifier and same wsrm:Sequence/wsrm:MessageNumber) has a different wsse:Security/wsu:Timestamp, else any previous RM retry SOAP Envelope does NOT have wsu:Timestamp under wsse:Security
Prescription:	mandatory
Reporting:	true=passed, false=failed
Test Control:	Initiate a Secure Sequence (wsrm:CreateSequence element has been extended with a wsse:SecurityTokenReference element). Then RMS is sending messages over this sequence. Manage to cause message resending (block Acks, or set the retry period shorter than the Ack period.)

Test Assertion:	RSP3301
Description:
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ :Header/wsrm:Sequence = preceding:::Envelope/:Header/wsrm:Sequence] [:Header/wsse:Security] [not(:Header/wsrm:Sequence/wsrm:Identifier = /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope/:Body/wsrm:CreateSequence/wsrm:Offer/wsrm:Identifier)]
co-Target: mycreateseq	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[ (:Body/wsrm:CreateSequence and (: --- case CS/CSR not encrypted --- :) (some $cs in . satisfies (some $csr in /wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wsrm:CreateSequenceResponse] satisfies ($target/:Header/wsrm:Sequence/wsrm:Identifier = $csr/:Body/wsrm:CreateSequenceResponse/wsrm:Identifier and ($csr/../../@conversation = $cs/../../@conversation or $csr/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $cs/:Header/wsa:MessageID))))) or (: --- case CS/CSR encrypted --- :) ( (:Header/wsa:Action = 'http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence' and (:Body//:EncryptedData or :Header/wsse:Security//xenc:ReferenceList)) and (:Header/wsa:To = $target/:Header/wsa:To or $target/../../@type = 'response') ) ]
Predicate:	(not ($target/:Header/wsse:Security/wsu:Timestamp) and not (preceding:::Envelope[:Header/wsrm:Sequence = $target/:Header/wsrm:Sequence][:Header/wsse:Security/wsu:Timestamp])) or ($target/:Header/wsse:Security/wsu:Timestamp and not (preceding:::Envelope[:Header/wsrm:Sequence = $target/:Header/wsrm:Sequence]/:Header/wsse:Security/wsu:Timestamp = $target/*:Header/wsse:Security/wsu:Timestamp ))
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	Either a SOAP Envelope that belongs to a Secure RM Sequence contains a wsse:Security/wsu:Timestamp child element, but a previous RM retry SOAP Envelope (same wsrm:Sequence/wsrm:Identifier and same wsrm:Sequence/wsrm:MessageNumber) has a same wsse:Security/wsu:Timestamp value, or the SOAP Envelope does not contain a wsse:Security/wsu:Timestamp and yet some previous RM retry SOAP Envelope does contain a wsu:Timestamp.
Diagnostic Data:

Test Assertion

Test Assertion:	RSP1004
Description:	This assertion checks for the use of the WS-SC Amend binding and logs a warning.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wst:RequestSecurityToken or *:Body/xenc:EncryptedData]
Predicate:	not ($target/*:Header/wsa:Action='http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Amend')
Reporting:	true=passed, false=warning
Prescription:	preferred
Error Message:	The request uses the SCT Amend binding. Verify that the service supports this binding.
Diagnostic Data:	Complete message.

Test Assertion

Test Assertion:	RSP1006a
Description:	This assertion examines the response to an SCT/Renew request and, if that response is not a fault, makes sure that it meets the basic criteria of a "proper" response (as defined by WS-SC).
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsa:Action='http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Renew'] [(:Body/wst:RequestSecurityToken or :Body/xenc:EncryptedData)]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Prerequisite:	not ($myresponse/:Body/:Fault)
Predicate:	($myresponse/:Header/wsa:Action = 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT/Renew' and $myresponse/:Body//wst:RequestSecurityTokenResponse)
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	The service responded to a request to renew a security context with something other than the correct response.
Diagnostic Data:	Complete message.

Test Assertion

Test Assertion:	RSP1006b
Description:	This assertion examines the response to an SCT/Renew request and, if that response is fault, makes sure that it is a wsa:ActionNotSupported fault. Because there are many reasons for a fault to be generated, this assertion only logs a warning in case the fault had some other cause than the services inability to support SCT/Renew.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsa:Action='http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Renew'] [(:Body/wst:RequestSecurityToken or :Body/xenc:EncryptedData)]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Prerequisite:	$myresponse/:Body/:Fault
Predicate:	( if ($myresponse/soap11:Body) then ( fn:ends-with($myresponse/soap11:Body/soap11:Fault/faultcode, 'ActionNotSupported') ) else ( fn:ends-with($myresponse/soap12:Body/soap12:Fault/soap12:Code/soap12:Value, 'Sender') and fn:ends-with($target/soap12:Body/soap12:Fault/soap12:Code/soap12:Subcode/soap12:Value, 'ActionNotSupported') ) )
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	A request to renew a security context received a fault response other than "wsa:ActionNotSupported". This could be due to some problem with the request, some problem with the service, or it could be due to incorrect error reporting behavior on the part of the service. If the service is attempting to indicate that it does not support the WS-SC Renew operation via some other fault than the wsa:ActionNotSupported fault, it is non-conformant with R1006 of RSP 1.0.
Diagnostic Data:	Complete message.

Test Assertion

Test Assertion:	RSP1007a
Description:	This assertion examines the response to an SCT/Cancel request and checks for the wsa:ActionNotSupported fault response. Such a fault unambiguously indicates that the SCT/Cancel binding is NOT supported by the service, which violates R1007. This assertion assumes that the client is trasmitting the SCT/Cancel request to the appropriate endpoint i.e. that the service is acting as a security token service.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsa:Action='http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Cancel'] [(:Body/wst:RequestSecurityToken or :Body/xenc:EncryptedData)]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Predicate:	(not (if ($myresponse/soap11:Body) then ( fn:ends-with($myresponse/soap11:Body/soap11:Fault/faultcode, 'ActionNotSupported') ) else ( fn:ends-with($myresponse/soap12:Body/soap12:Fault/soap12:Code/soap12:Value, 'Sender') and fn:ends-with($myresponse/soap12:Body/soap12:Fault/soap12:Code/soap12:Subcode/soap12:Value, 'ActionNotSupported') ) ) )
Reporting:	true=passed, false=failed
Prescription:	mandatory
Error Message:	A request to cancel a security context received a wsa:ActionNotSupported fault response, which indicates that the SCT/Cancel binding is not supported by the service. This indicates that the service does not conform to R1007 of RSP 1.0.
Diagnostic Data:	Complete message.

Test Assertion

Test Assertion:	RSP1007b
Description:	This assertion examines the response to an SCT/Cancel request and checks for the appropriate, WS-SC-defined response. The lack of such a response might indicate that the service does not support the SCT/Cancel binding, which would violate R1007. This assertion assumes that the client is trasmitting the SCT/Cancel request to the appropriate endpoint i.e. that the service is acting as a security token service. It also relies on RSP1007a as a prerequisite. This avoids double-reporting the behavior that RSP1007a checks for.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Header/wsa:Action='http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Cancel'] [(:Body/wst:RequestSecurityToken or :Body/xenc:EncryptedData)]
co-Target: myresponse	/wsil:testLog/wsil:messageLog/wsil:message[ (@type = 'response' and @conversation = $target/../../@conversation) or (.//:Envelope/:Header/wsa:RelatesTo[@RelationshipType = 'http://www.w3.org/2005/08/addressing/reply' or not (@RelationshipType)] = $target/:Header/wsa:MessageID) ] /wsil:messageContents/:Envelope
Prerequisite:	RSP1007a
Predicate:	($myresponse/:Header/wsa:Action = 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT/Cancel' and $myresponse/:Body//wst:RequestedTokenCancelled)
Reporting:	true=passed, false=warning
Prescription:	mandatory
Error Message:	A request to cancel a security context did not receive the appropriate response. This might indicate that the service does not support the SCT/Cancel binding, which would violate R1007 of RSP 1.0. Check the response to determine if it is the result of some problem other than the services inability to support the SCT/Cancel binding.
Diagnostic Data:	Complete message.

Test Assertion

Test Assertion:	RSP1008
Description:	This assertion checks for the presence of an SCT request and checks for the corresponding SCT/Cancel. The lack of an SCT/Cancel indicates either that the log file did not capture all of the messages in the interaction between the client and server, or that the client simply neglected to send a SCT/Cancel request. The latter indicates a issue with R1008, which states that clients SHOULD cancel their security contexts.
Target:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body//wst:RequestSecurityTokenResponse and *:Header/wsa:Action = 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT']
Predicate:	/wsil:testLog/wsil:messageLog/wsil:message/wsil:messageContents/:Envelope[:Body/wst:RequestSecurityToken and :Header/wsa:Action='http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Cancel'] [:Body//wst:RequestSecurityToken/wst:CancelTarget/wsse:SecurityTokenReference/wsse:Reference/@URI = $target/*:Body//wst:RequestSecurityTokenResponse/wst:RequestedSecurityToken/wssc:SecurityContextToken/wssc:Identifier]
Reporting:	true=passed, false=warning
Prescription:	preferred
Error Message:	A client requested and obtained a security context that it never subsequently canceled. Verify that the log contains a complete record of the clients interaction with the service and that the cancel request was not missed. If the log is complete and there are no missing messages, the fact that the client did not cancel the security context both increases the risk of that security context being compromised and consumes additional resources on the service.
Diagnostic Data:	Complete message.

Test Assertion Glossary

Test Assertion Part	What it means:
Test Assertion ID:	[markup: testAssertion/@id] (required) A unique ID for the current test assertion.
Description:	[markup: testAssertion/description* ]* (optional) A plain text description of the current test assertion. At minimum expressing the TA predicate.
Comments:	[markup: testAssertion/comments* ]* (optional) A plain text comment about the TA script and how well it covers the profile requirement. Explanation material for users, and developers (what could be improved, etc.).
Target:	[markup: testAssertion/target* ]* (required) The artifacts to be tested, defined by an XPath expression that returns a list of XML nodes from the log file in input. For every artifact (node) selected by the Target expression, there will be a report entry for this TA in the test report, with a result of either: passed failed warning notApplicable notRelevant missingInput undetermined See the "reporting" item for the meaning of these results.
Cotarget:	[markup: testAssertion/cotarget* ]* (optional) Artifact that is related to the target, and that needs be accessed for the testing. Identified by an XPath expression that may refer to the related target node using the variable '$target'. For example, the target can be a SOAP message and the cotarget the WSDL file that describes this SOAP message. A cotarget must have a @name attribute that identifies it. The value of this attribute can be used as a variable (when prepending '$' to it) by subsequently defined cotargets, prerequisite and predicate.
Prerequisite:	[markup: testAssertion/@preReq* ]* (optional) [markup: testAssertion/prerequisite* ]* (optional) The pre-condition for evaluating this Test Assertion on this target. If the prerequisite evaluates to "false" then the target does not qualify for this Test Assertion (the test report is "notRelevant") The first part (preReq attribute) is an enumeration of Test Assertion IDs. Each one of the prerequisite TAs must either use the same target (e.g. SOAP Envelope, or WSDL binding, etc.) as this TA, or a target that is of a more general type than the main TA target. The target must "pass" each one of these prerequisite TAs in order to qualify for this TA. (e.g. the target of TA t1 can be a WSDL binding while the target of a TA t2 prerequisite of t1, can be the entire WSDL file). The second part ("prerequisite" element) is an XPath (boolean) expression of the same nature as the predicate. If present, it must evaluate to "true" for the target to qualify. If it fails, the result for the current TA in the report will be "notRelevant". Otherwise, the target can be further evaluated by the predicate of the main TA. The expression may refer to the target explicitly using the variable name "$target", or to any cotarget using its name as variable name ($[name]).
Predicate:	[markup: testAssertion/predicate] required element] A logical expression that evaluates whether this target is fulfilling the profile requirement addressed by this test Assertion. By default: - A result of true means the requirement is fulfilled (reported as a "passed" in the test report). - A result of false means the requirement is violated (reported as a "failed" in the test report). However, in some cases and for testability reasons, the predicate may be designed as a partial indicator e.g. only indicates some cases of fulfillment, or some cases of violation. As a result, when "true" indicates fulfillment it may be that "false" is unconclusive, or conversely "false" will indicate violation, but "true" is unconclusive. In such cases, the "Reporting" element specifies the meaning of the predicate result w/r to the profile requirement. The predicate expression implicitly refers to the target (whic is its "XPath context") although it may explicitly refer to it using the variable name "$target". It may refer to any cotarget using its name as variable name ($[name]).
Prescription:	[markup: testAssertion/prescription/@level* ]* (required) Conveys the level of prescription associated with the profile requirement. At least three values may be used: mandatory: maps to RFC2119 keywords MUST, MUST NOT, SHALL, SHALL NOT, REQUIRED (and sometimes MAY NOT) preferred: maps to RFC2119 keywords SHOULD, SHOULD NOT, RECOMMENDED, NOT RECOMMENDED permitted: maps to RFC2119 keywords MAY, OPTIONAL.
Reporting:	[markup: testAssertion/reporting* ]* (optional) For each possible outcome of the predicate (true or false), specifies how it must be interpreted w/r to the profile feature. Two attributes are used that both must be present, when this element is present: @true attribute: may take values among {passed, failed, warning, undetermined} (default is 'passed') @false attribute: may take values among {passed, failed, warning, undetermined} (default is 'failed') The reported outcomes have the following meaning: passed: the target passes the test and can be considered as fulfilling the profile feature. failed: the target fails the test and can be considered as violating (or not exhibiting) the profile feature. warning: the test result is inconclusive. There is a possibility of profile requirement violation, that deserved further investigation. undetermined: the test result is inconclusive for this predicate value. NOTES: the predicate of the TA may be worded in a negative way so that @false='passed' although that is not recommended. The result of a test should not be related to the prescription level, e.g. a "preferred" or "permitted" level should not imply that @false='warning'. Other test results that are automatically generated and not controlled by the "reporting" element are: notRelevant: the target failed the prerequisite condition and therefore does not qualify for further testing (i.e. the predicate expression is NOT evaluated on it). missingInput: a cotarget expression returned an empty node set. notApplicable: this target was not even selected by the target XPath expression, while being of the same general artifact type (e.g. message type).