[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [wsrp-wsia] [change request #2] Restricting access based onregistration handle
sorry I meant we should _not_ mandate for ...
Mit freundlichen Gruessen / best regards,
Richard Jacob
______________________________________________________
IBM Lab Boeblingen, Germany
Dept.8288, WebSphere Portal Server Development
Phone: ++49 7031 16-3469 - Fax: ++49 7031 16-4888
Email: mailto:richard.jacob@de.ibm.com
|---------+---------------------------->
| | Richard |
| | Jacob/Germany/IBM|
| | @IBMDE |
| | |
| | 01/24/2003 12:00 |
| | PM |
|---------+---------------------------->
>--------------------------------------------------------------------------------------------------------------------------------------------------|
| |
| To: wsrp-wsia@lists.oasis-open.org |
| cc: |
| Subject: Re: [wsrp-wsia] [change request #2] Restricting access based on registration handle |
>--------------------------------------------------------------------------------------------------------------------------------------------------|
I agree to that.
we should leave it up to the implementations if and how these security
aspects are handled.
We should mandate for using a certain security technology.
Mit freundlichen Gruessen / best regards,
Richard Jacob
______________________________________________________
IBM Lab Boeblingen, Germany
Dept.8288, WebSphere Portal Server Development
Phone: ++49 7031 16-3469 - Fax: ++49 7031 16-4888
Email: mailto:richard.jacob@de.ibm.com
|---------+---------------------------->
| | Rich |
| | Thompson/Watson/I|
| | BM@IBMUS |
| | |
| | 01/20/2003 02:38 |
| | PM |
|---------+---------------------------->
>
--------------------------------------------------------------------------------------------------------------------------------------------------|
|
|
| To: wsrp-wsia@lists.oasis-open.org
|
| cc:
|
| Subject: [wsrp-wsia] [change request #2] Restricting access
based on registration handle
|
>
--------------------------------------------------------------------------------------------------------------------------------------------------|
Document: WSRP spec
Section: 5.2
Page/Line: 29/11-14
Requested by: Rich Thompson
Old text: Producers may also find it useful to restrict the information
returned to those portions of the service that the registration context
will allow the Consumer to access on subsequent invocations. Producers
using various security standards (e.g. WS-Security or SSL) to secure the
communication should delegate this access control issue to the relevant
security context.
Proposed text: (delete these 2 sentences)
Reasoning: When our security people read through the spec, they found
these two sentences not useful for several reasons, primarily:
1 - They don't really say anything beyond the sentence at line 7.
2 - By raising the question of delegating such decisions without fully
specifying how such delegation would work, the spec does more to confuse
than to help.
3 - It really isn't the role of the WSRP spec to define how
implementations will also support various security standards.
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC