These are both good points. I'd like to see feedback from others.
For my part, I agree that the right place for any indication of server
validation is in policy - either node or registry policy. Should there be a
preference?
I'm not so sure about the Security API's role in establishing a secure
channel - I keep thinking of the secure channel as SSL (althought others have
been pointed out), and I have thought of the Security API (at the very least) as
being implemented over SSL - hence the channel is established before the
Security API is called. Or perhaps you are considering client-authenticated
SSL? But I'd really like to hear what others have to say.
Tony
-----Original Message----- From: von Riegen,
Claus [mailto:claus.von.riegen@sap.com] Sent: Tue 03-May-05 19:18
To: Rogers, Tony; uddi-spec@lists.oasis-open.org Cc:
Subject: RE: [uddi-spec] Groups -
uddi-spec-tc-tn-securechannelfortrustworthiness
(uddi-spec-tc-tn-securechannelfortrustworthiness-20050310.doc)
uploaded
Tony,
The TN looks good and is
consistent.
Though, maybe because I haven't read the TN for a long
time, I was wondering on A) how the client can actually determine that the
validation is done on the server side and whether this needs to be described
using a node policy B) what guidance we may want to give in terms of using
the UDDI Security API set for the actual establishment of a secure
channel.
Thoughts?
Claus
-----Original
Message----- From: Tony.Rogers@ca.com [mailto:Tony.Rogers@ca.com] Sent:
Dienstag, 29. März 2005 08:12 To:
uddi-spec@lists.oasis-open.org Subject: [uddi-spec] Groups -
uddi-spec-tc-tn-securechannelfortrustworthiness
(uddi-spec-tc-tn-securechannelfortrustworthiness-20050310.doc)
uploaded
This is the candidate for release as a Technical Note. It is
now open for 30 day review. Please take the time to read it - it will be up
for discussion at the next TC meeting.
-- Mr Tony
Rogers
The document revision named
uddi-spec-tc-tn-securechannelfortrustworthiness (uddi-spec-tc-tn-securechannelfortrustworthiness-20050310.doc)
has been submitted by Mr Tony Rogers to the OASIS UDDI Specification TC
document repository. This document is revision #6
of uddi-spec-tc-tn-secureChannelForTrustworthiness-20040315.doc.
Document
Description: v0.4 - Minor revisions to tidy up some of the language and
strengthen the recommendation.
v0.5 - Updates to Tony's
edits
v0.6 - Paul Macias' edits
v0.7 - Pete Wenzel's
edits
v0.8 - Tony's minor edits
View Document Details: http://www.oasis-open.org/apps/org/workgroup/uddi-spec/document.php?document_id=12026
Download
Document: http://www.oasis-open.org/apps/org/workgroup/uddi-spec/download.php/12026/uddi-spec-tc-tn-securechannelfortrustworthiness-20050310.doc
Revision: This
document is revision #6
of uddi-spec-tc-tn-secureChannelForTrustworthiness-20040315.doc. The
document details page referenced above will show the complete revision
history.
PLEASE NOTE: If the above links do not work for you,
your email application may be breaking the link into two pieces. You
may be able to copy and paste the entire link address into the address
field of your web browser.
-OASIS Open
Administration
|