[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] Bindings
At 09:46 PM 1/27/2004 +0000, Nick Pope wrote: >I would like to highlight one issue which I not sure how it is being >addressed: > >Bindings to underlying protocols and the security requirement of the >underling service. > >I believe that this specifics of the bindings are best specified in the >profile but should be common as far as possible across the profiles. I agree. >One way to start is to put some text in the time-stamp profile and then use >this as the basis for bindings in the other profiles. The time-stamping profile draft [1] has something like that: """ 2.1 Transport and Security Bindings This profile is transported using the SOAP-over-HTTPS binding of DSS defined in ???. The client MUST authenticate the server and validate the server's X.509 certificate chain. The server MAY authenticate the client. """ I was thinking of starting a Bindings Document, that we could reference from the "???". I would start it off with HTTP POST and TLS bindings, and then if someone else wants to add bindings for SOAP or WS-Security, they could do so. Is that the sort of approach you were thinking of? Trevor [1] http://www.oasis-open.org/apps/org/workgroup/dss/download.php/5121/oasis-dss-1.0-timestamping-profile-spec-wd-02.pdf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]