[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [soa-rm] Identity
What about from the Service providers point of view? I
definitely think
that identifying service consumers is not required in all
cases, however
service providers have some form of implied
identity.
The expedia example however does raise the question of would
you use the
site to book a trip if you could not identify it was Expedia's
site? If
just before you were going to give them your credit card, it jumped
to a
different domain name? Identity is implied by the URL
resolution
process, which in itself places a great deal of security
requirements on
the entire DNS process.
I am not thinking so much in
terms of a service consumer as I am the
service provider. Ajay made the
point in his presentation that it would
be mandatory to be able to ascertain
to some degree that the service you
are going to use is the one you want to
use.
I would at least like to mention it in the RM as an aspect (perhaps
just
in passing). To me, the Service description is probably where a
service
provider could make a statement of claim regarding their identity
and
perhaps supply a token, even as simple as a URI, to provide
proof.
anyone else?
Duane
--
***********
Senior
Standards Strategist - Adobe Systems, Inc. - http://www.adobe.com
Chair - OASIS Service
Oriented Architecture Reference Model Technical Committee -
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=soa-rm
Vice
Chair - UN/CEFACT Bureau Plenary - http://www.unece.org/cefact/
Adobe
Enterprise Developer Resources - http://www.adobe.com/enterprise/developer/main.html
***********
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]