[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Is it time to start including Security in our discussions?
Hi Folks, I ran across this review today: Review: WS-Security Gateway Products A look at products designed to secure web services applications. http://update.internetweek.com/cgi-bin4/DM/y/edOY0BdiMw0V30CBPn0AM The point of the review is that WS-Security does a decent job of access control, but does not ensure SOAP Services integrity from some kinds of application-level attacks. Since we have not been intensely application-oriented, and that seems like a 2.0 consideration in any event, at this time, my concern is that we are seeing a raft of security services being marketed that are addressing incomplete standards, or perhaps developing standards might be a better way to phrase it. I suspect the time is either here, or rapidly approaching, when we need to get some WSRP eyes onto the Security Issues, perhaps a new SC, as if we needed another one, sigh. If we don't take it up at today's meeting, maybe we should put it on the agenda for the next one. Ciao, Rex -- Rex Brooks GeoAddress: 1361-A Addison, Berkeley, CA, 94702 USA, Earth W3Address: http://www.starbourne.com Email: rexb@starbourne.com Tel: 510-849-2309 Fax: By Request
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]