[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-rx] Amendment to Microsoft/IBM proposal for i122-i124
The new header you propose seems fine. I am concerned that specifying an assertion like SequenceSSL steps into the SP domain by making the selection of the security mechanism. Tagging that an STR will be present does not as all of the specific security mechanisms are left to SP itself. -----Original Message----- From: Gilbert Pilz [mailto:Gilbert.Pilz@bea.com] Sent: Monday, July 10, 2006 10:28 PM To: ws-rx@lists.oasis-open.org Subject: [ws-rx] Amendment to Microsoft/IBM proposal for i122-i124 I would like to propose the attached amendment to the Microsoft/IBM proposal. This material is presented as a set of additions and changes to the version of the Microsoft/IBM proposal posted here: http://lists.oasis-open.org/archives/ws-rx/200607/msg00036.html This amendment seeks to accomplish the following: 1.) Support the use of SSL/TLS to protect Sequences against spoofing attacks. 2.) Render (1) in a way that does not require implementations to understand STR's and their various referencing mechanisms, processing rules, etc. 2.) Define a WS-Policy assertion that specifies a requirement to bind Sequences to SSL/TLS sessions. - gp p.s. The general notion of this amendment could also apply to the Oracle/SAP proposal posted here (http://lists.oasis-open.org/archives/ws-rx/200607/msg00054.html) though, obviously, the specific wording would have to change.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]