----- Original Message -----
Sent: Tuesday, September 07, 2004 4:28
PM
Subject: RE: [ws-caf] outstanding issues
for WS-Context
I
believe that this issue must be related to my "informal issue" of access
control. In other words, if we "secure" then we authorize (and there are
various kinds of reads and writes); to authorize we have to authenticate --
which was where my thinking fell down. Authentication by interface reference
(I'll give you references only for the operations I wish you to use) only
works if the references are artificially different, and after a while it won't
be hard to work around that type of "protection".
I
believe that the introduction of authentication/authorization is a good idea
(I'm not the right person to propose how to do it in a WS-friendly way), and I
further think that we should remove the double reference we currently have, so
that the context service and the context manager are a single service
reference.
Alastair
The only two issues remaining for WS-Context
are:
and on conformance.
Expect a follow up in the next few days,
hopefully prior enough to the next telecon. that we can discuss them and
anything else related to 0.6.
Mark.
P.S. Now for WS-CF :-)
----
Mark Little,
Chief Architect,
Transactions,
Arjuna Technologies Ltd.
www.arjuna.com