[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RES: [wsbpel] new issue: do we want to remove normative wordings in chapter 16 "Security Consideration"?
Pursuant to this, I would propose the following: 1) Change "RECOMMENDED" in the first sentence of Chapter 16 to "recommended" 2) Reword the third sentence of Chapter 16 to read, "When using WS-Security, signatures may include semantically significant headers and the message body, as well as any other relevant data, so that they cannot be independently separated and reused." 3) Change the second sentence of the second paragraph to read, "Messages may include a message timestamp. such as that described in WS-Security, within the signature." -Charlton. ________________________________ De: Dieter Koenig1 [mailto:dieterkoenig@de.ibm.com] Enviada: qui 1/6/2006 01:24 Para: Alex Yiu Cc: Alex Yiu; Diane Jordan; Peter Furniss; wsbpeltc Assunto: Re: [wsbpel] new issue: do we want to remove normative wordings in chapter 16 "Security Consideration"? For business processes, it is strongly recommended to secure their partner interactions. Other than that, security considerations in general and WS-Security in particular are orthogonal and out of scope of the WS-BPEL specification, so there cannot be a MUST statement. Kind Regards DK Dieter König Mail: dieterkoenig@de.ibm.com IBM Deutschland Entwicklung GmbH Senior Technical Staff Member Tel (office): (+49) 7031-16-3426 Schönaicher Strasse 220 Architect, Business Process Choreographer Fax (office): (+49) 7031-16-4890 71032 Böblingen Member, Technical Expert Council Tel (home office): (+49) 7032-201464 Germany Alex Yiu <alex.yiu@oracle. com> To Diane Jordan <drj@us.ibm.com>, 31.05.2006 18:06 Peter Furniss <peter.furniss@erebor.co.uk> cc wsbpeltc <wsbpel@lists.oasis-open.org>, Alex Yiu <alex.yiu@oracle.com> Subject [wsbpel] new issue: do we want to remove normative wordings in chapter 16 "Security Consideration"? New issue: do we want to remove normative wordings in chapter 16 "Security Consideration"? ----------------------------------- There are 3 occurrences of RFC normative wordings in conjunction with WS-Security in chapter 16 "Security Consideration". e.g. "RECOMMENDED" and "SHOULD". Do we want to remove those normative wordings? This decision would have implication to how and whether WS-Security is added in references section. Submitter Proposal: I tend to think those wordings and references to WS-Security should be non-normative. Because, WS-Security usage is orthogonal and optional to the main concern of WS-BPEL. ----------------------------------- Thanks! Regards, Alex Yiu --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]