OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-rx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: FW: [ws-sx] Issue 76: How to reference a specific SC when initiating a session?


FYI - my response on the SX mailing list to Prateeks issue regarding a
generic
mechanism to secure sequences.

-Martin

Martin Raepple
Platform Ecosystem Industry Standards 
SAP AG 
Dietmar-Hopp-Allee 16 
69190 Walldorf, Germany 
T  +49/6227/7-60365 
F  +49/6227/78-44724 
mailto: martin.raepple@sap.com 
http://www.sap.com

-----Original Message-----
From: Raepple, Martin [mailto:martin.raepple@sap.com] 
Sent: Mittwoch, 21. Juni 2006 15:21
To: Prateek Mishra
Cc: ws-sx@lists.oasis-open.org
Subject: RE: [ws-sx] Issue 76: How to reference a specific SC when
initiating a session?

Prateek,

I think SC is not about defining the semantics for a session, sequence
etc. From my understanding, SC's scope is to define the (token) format
for a shared security context and the protocol messages to manage such a
context. Anything beyond this will be/is defined by other specs.

Even though SC defines a lifecycle for a context, this is still
independent of any higher level session/sequence semantics. In other
words, protocols like Reliable Messaging (RM) that define these
semantics can definitly take adventage of the generic context mechanisms
defined by SC, but there is always a non-generic part wrt security that
is specific to these higher-level protocols which should be specified by
the corresponding TCs. A session/(coordination)context/sequence has
special security requirements due to different semantics and I doubt
that we can find a common denominator in the SX TC.

Best regards
Martin

Martin Raepple
Platform Ecosystem Industry Standards 
SAP AG 
Dietmar-Hopp-Allee 16 
69190 Walldorf, Germany 
T  +49/6227/7-60365 
F  +49/6227/78-44724 
mailto: martin.raepple@sap.com 
http://www.sap.com
 

>-----Original Message-----
>From: Marc Goodner [mailto:mgoodner@microsoft.com] 
>Sent: Dienstag, 20. Juni 2006 17:23
>To: Prateek Mishra; ws-sx@lists.oasis-open.org
>Subject: [ws-sx] Issue 76: How to reference a specific SC when 
>initiating a session?
>
>Tracked as Issue 76.
>
>-----Original Message-----
>From: Prateek Mishra [mailto:prateek.mishra@oracle.com] 
>Sent: Tuesday, June 20, 2006 11:12 AM
>To: ws-sx@lists.oasis-open.org
>Cc: Marc Goodner
>Subject: NEW ISSUE: How to reference a specific SC when initiating a
>session?
>
>*PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL
>THE ISSUE IS ASSIGNED A NUMBER.  *
>
>*The issues coordinators will notify the list when that has occurred.*
>
>* *
>
>Protocol:   ws-sc
>
>http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php
>/18838/ws
>-secureconversation-1.3-spec-ed-01-r06-diff.doc 
>
>
> 
>
>Artifact:  spec
>
> 
>
>Type:
>
>design
>
> 
>
>Title:
>
>NEW ISSUE: How to reference a specific SC when initiating a session?
>
> 
>
>Description:
>
>This issue concerns the following use-case: a requestor wishes to
>participate in a multi-message session with a recipient. 
>The requestor  acquires a SC token by some means from its 
>local security
>system and adds it to the security header of a SOAP message. 
>The SOAP message is meant to initiate a sequence of exchanges with the
>recipient, all of which are to be protected by the SC token. 
>Notice that
>in general, the SOAP message may carry several security headers
>including other security tokens.
> 
>How can the requestor indicate to the recipient that a 
>specific SC token
>is to be used for the session?
>
> 
>
>Related issues:
>
>http://lists.oasis-open.org/archives/ws-rx/200606/msg00036.html
>
> 
>
>Proposed Resolution:
>
>My best guess here is that the requestor add a new STR to the header. 
>The STR would include a reference to the SC and include in its usage
>attribute a URI referencing the message body. If this is acceptable to
>the TC, we need to include some text explaining this "security 
>pattern".
>
>


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]