RE: [ws-caf] outstanding issues for WS-Context

ws-caf message

Subject: RE: [ws-caf] outstanding issues for WS-Context

From: "Green, Alastair J." <Alastair.Green@choreology.com>

To: "Mark Little" <mark.little@arjuna.com>,"ws-caf" <ws-caf@lists.oasis-open.org>

Date: Tue, 7 Sep 2004 16:28:38 +0100

Title: Message

I believe that this issue must be related to my "informal issue" of access control. In other words, if we "secure" then we authorize (and there are various kinds of reads and writes); to authorize we have to authenticate -- which was where my thinking fell down. Authentication by interface reference (I'll give you references only for the operations I wish you to use) only works if the references are artificially different, and after a while it won't be hard to work around that type of "protection".

I believe that the introduction of authentication/authorization is a good idea (I'm not the right person to propose how to do it in a WS-friendly way), and I further think that we should remove the double reference we currently have, so that the context service and the context manager are a single service reference.

Alastair

-----Original Message-----
From: Mark Little [mailto:mark.little@arjuna.com]
Sent: 07 September 2004 16:09
To: ws-caf
Subject: [ws-caf] outstanding issues for WS-Context

The only two issues remaining for WS-Context are:

http://services.arjuna.com/wscaf-issues/show_bug.cgi?id=47 (security related)

and on conformance.

Expect a follow up in the next few days, hopefully prior enough to the next telecon. that we can discuss them and anything else related to 0.6.

Mark.

P.S. Now for WS-CF :-)

----
Mark Little,
Chief Architect, Transactions,
Arjuna Technologies Ltd.

www.arjuna.com