[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ekmi] SKSML Message Integrity and Confidentiality
I correct myself. The right term is "Binding". So for v1.0, I am proposing that we make the following bindings mandatory: a) SOAP/WS-S Binding. b) TLS Binding (Mutual Authentication only). A REST based profile can be done as a follow up to v1.0 I will provide the updated specification draft soon. On 10/20/2009 04:43 AM, Tomas Gustavsson wrote: > I think that is a very good idea. Implementing TLS authentication is > much simpler than using WS-security for authentication, at least with > current java tools. So different profiles there sounds like a good idea > to me. > > Regards, > Tomas > > > Anil Saldhana wrote: > >> Hi all, >> during the development of SKSML v1.0, there was a mandatory dependence >> on the SOAP/WS-Security layer to provide the integrity and >> confidentiality needs. I had made some observations that this can be >> updated to include other modes such as mutually authenticated TLS or >> just plain xml over a transport in situations requiring lower levels of >> trust (say within a protected environment). Anyway, the keys returned >> are REQUIRED to be encrypted, irrespective of existence of a SOAP/WSS >> layer. >> >> Since we will be going to public review 02 of the specification to >> include WSDL, xsd changes etc, I would like to introduce the concept of >> profiles into the specification, requiring a SOAP profile for >> compliance. But implementations should be able to provide other forms >> (mutual TLS or plain xml over a transport) as add-ons. >> >> Please share your thoughts? >> >> Regards, >> Anil
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]