The WSSE module needs to have metadata that specifies various security requirements when processing an inbound message. Currently the message is processed by the header description. This is a fine approach, but a user may wish to optionally gaurantee that messages will only be processed if the following elements are encrypted and or signed.