OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

sca-bindings message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [NEW ISSUE] BWS50014 & BWS50015 are optional normative statements


Target:  sca-wsbinding-1.1-cd04.pdf

Description:

BWS50014 & BWS50015 are both optional normative statements - this gives problems in meeting the exit requirements and are not acceptable:

[BWS50014] Policies and assertions SHOULD be signed to prevent tampering.
[BWS50015] Policies SHOULD NOT be accepted unless they are signed and have an associated security token to specify the signer has proper claims for the given policy.



Proposal:

Make both statements non-normative, replacing them with the following text:

"It is good practice for Policies and assertions to be signed to prevent tampering.  
It is advisable that an SCA runtime does not accept Policies unless they are signed and have an
associated security token to specify the signer has proper claims for the given policy."



Yours, Mike
Dr Mike Edwards  Mail Point 137, Hursley Park
STSM  Winchester, Hants SO21 2JN
SCA & Services Standards  United Kingdom
Co-Chair OASIS SCA Assembly TC  
IBM Software Group  
Phone: +44-1962 818014  
Mobile: +44-7802-467431 (274097)  
e-mail: mike_edwards@uk.ibm.com  
 
 



Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU











Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU






[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]