[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-rx] proposal for i122, i123, and i124
The primary points I want to make with respect to this question are that a) Our proposal here only enables security composition as the charter for this TC requires. I do not view it as a profile. b) WS-I does not do original work, they only profile existing specs. So this proposal could not be done at WS-I. -----Original Message----- From: Doug.Bunting@Sun.COM [mailto:Doug.Bunting@Sun.COM] Sent: Thursday, June 08, 2006 3:37 PM To: Christopher B Ferris Cc: ws-rx@lists.oasis-open.org Subject: Re: [ws-rx] proposal for i122, i123, and i124 Chris and others, The question I raised near the end of this call was: One of the concerns raised with regard to Gil's i122 proposal was approximately "How does this profile development effort relate to the work which might happen in the new (and now publicly-known) Reliable Secure Profile WG[1] at WS-I?" I'd like to ask the same question about this proposal. MG: I can't speak to how the other proposal would fit there, this one I believe is complementary. It provides a mechanism whereby a token can explicitly be related to a RM session. Without that I think the WS-I RSP WG might have trouble fulfilling their charter to secure RM sessions using SC as they would not be able to define things like the assertion or the header below. Put another way, should this TC close this issue (i122) or those issues (i122-124) with no action in light of work happening elsewhere? MG: I don't think so. This proposal corrects what we saw as a problem with the original proposal for 122 that authentication modes for HTTPS. That was a good idea but needed to be done in general, not just for RM. That is why I opened issue 75 in the SX TC to add authentication modes to the WS-SP HttpsToken assertion. What remains in our new proposal here speaks exclusively to RM and leaves security specific aspects, like token details or transport authentication modes, to that domain and composes with them which is what the charter asks us to do with respect to security. Going down another level, is this really an alternative to Gil's i122-123 proposals or an additional profile which might be folded into Gil's mix? Though doing lots of profiles in this TC strikes me as a time suck and a significant change in our priorities, I would like to hear other perspectives. MG: I think from the explanation above it should be clear that this is an alternative and not an additional profile. I don't view this proposal as a profile at all. I would see something like the WS-I RSP that choose a security mechanism to use with this, specifically SC, as a profile. This simply enables composition, it does not dictate the specifics. thanx, doug [1] <http://www.ws-i.org/deliverables/workinggroup.aspx?wg=reliablesecure> On 08/06/06 04:28, Christopher B Ferris wrote: > All, > > IBM and Microsoft would like to submit the following proposal for > issues i122, i123 and i124 that defines the mechanism that MAY be used > to secure an RM Sequence, the means by which the RMS can be assured > that the RMD will correctly process the extension, and the means by > which the RMD can advertise support for the extension. > > > > Cheers, > > Christopher Ferris > STSM, Software Group Standards Strategy > email: chrisfer@us.ibm.com > blog: http://www.ibm.com/developerworks/blogs/dw_blog.jspa?blog=440 > phone: +1 508 377 9295
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]