[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [wsrp-wsia] [change request #2] Restricting access based onregistration handle
sorry I meant we should _not_ mandate for ... Mit freundlichen Gruessen / best regards, Richard Jacob ______________________________________________________ IBM Lab Boeblingen, Germany Dept.8288, WebSphere Portal Server Development Phone: ++49 7031 16-3469 - Fax: ++49 7031 16-4888 Email: mailto:richard.jacob@de.ibm.com |---------+----------------------------> | | Richard | | | Jacob/Germany/IBM| | | @IBMDE | | | | | | 01/24/2003 12:00 | | | PM | |---------+----------------------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| | | | To: wsrp-wsia@lists.oasis-open.org | | cc: | | Subject: Re: [wsrp-wsia] [change request #2] Restricting access based on registration handle | >--------------------------------------------------------------------------------------------------------------------------------------------------| I agree to that. we should leave it up to the implementations if and how these security aspects are handled. We should mandate for using a certain security technology. Mit freundlichen Gruessen / best regards, Richard Jacob ______________________________________________________ IBM Lab Boeblingen, Germany Dept.8288, WebSphere Portal Server Development Phone: ++49 7031 16-3469 - Fax: ++49 7031 16-4888 Email: mailto:richard.jacob@de.ibm.com |---------+----------------------------> | | Rich | | | Thompson/Watson/I| | | BM@IBMUS | | | | | | 01/20/2003 02:38 | | | PM | |---------+----------------------------> > --------------------------------------------------------------------------------------------------------------------------------------------------| | | | To: wsrp-wsia@lists.oasis-open.org | | cc: | | Subject: [wsrp-wsia] [change request #2] Restricting access based on registration handle | > --------------------------------------------------------------------------------------------------------------------------------------------------| Document: WSRP spec Section: 5.2 Page/Line: 29/11-14 Requested by: Rich Thompson Old text: Producers may also find it useful to restrict the information returned to those portions of the service that the registration context will allow the Consumer to access on subsequent invocations. Producers using various security standards (e.g. WS-Security or SSL) to secure the communication should delegate this access control issue to the relevant security context. Proposed text: (delete these 2 sentences) Reasoning: When our security people read through the spec, they found these two sentences not useful for several reasons, primarily: 1 - They don't really say anything beyond the sentence at line 7. 2 - By raising the question of delegating such decisions without fully specifying how such delegation would work, the spec does more to confuse than to help. 3 - It really isn't the role of the WSRP spec to define how implementations will also support various security standards. ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl> ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC