[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] ISSUE 190: text for SOAP MustUnderstand issue
> From: Rich Salz [mailto:rsalz@datapower.com] > > > I'm operating from the assumption that the receiver is providing > > some service. As "owner" of the service, the receiver _must_ have > > final say over what policy is applied. This includes the option of > > ignoring incoming security information, especially when > that security > > information might be both irrelevant and quite expensive to process. > > What about the other half of likely WSS uses, which are responses? It works both ways. If I'm just displaying a portfolio summary on my web portal and I ask my broker for a stock quote and it gives me back a quote with a big pile of WSS, I may want to disregard the header. On the other hand, in the middle of a trade I _do_ want to check the security headers on the price my brokerage is quoting me. - irving -
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]