[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-rx] New Issue: security threats and requirements
From: Gilbert Pilz
Sent: Tuesday, May 09, 2006 2:42 PM
To: ws-rx@lists.oasis-open.org
Subject: [ws-rx] New Issue: security threats and requirementsChapter 5 of the WS-RM spec has a number of problems:
- It lacks information specific to WS-RM. What needs to be protected and why?
- It is overly general in parts; describing general security concepts that don't have anything specifically to do with WS-RM.
- It recommends specific solutions (WS-SecureConversation) in preference to other solutions (e.g. HTTPS).
- It lacks the detailed security requirements that are needed by implementers to build secure WS-RM implementations.
Proposal: Replace Chapter 5 with the attached material.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]