ws-dd message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [ws-dd] RE: Issue 032 - DPWS - clarify behavior when a device containssecure and insecure services at the same time
- From: Anthony Nadalin <drsecure@us.ibm.com>
- To: Dan Driscoll <Dan.Driscoll@microsoft.com>
- Date: Wed, 31 Dec 2008 09:30:27 -0600
>is defined by the transport addresses of the DEVICE: HTTP transport addresses indicate the device supports no security, and HTTPS transport addresses >indicate the device supports the security profile defined in this section.
>
>A DEVICE may exclusively support only one security profile at a time, including the profile defined in this section, or no security profile whatsoever.
I think that this is confusing, as no security should mean NO security profile. There is no default profile I assume. I also assume that we are defining a TLS and a HTTPS profile for now and will be looking at a WS-Security profile
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
Dan Driscoll ---12/22/2008 10:05:06 AM---Currently issue 32 is marked pending, but I’ll mail out the text separately since we have an AI on this issue.
From: |
Dan Driscoll <Dan.Driscoll@microsoft.com> |
To: |
Ram Jeyaraman <Ram.Jeyaraman@microsoft.com>, "ws-dd@lists.oasis-open.org" <ws-dd@lists.oasis-open.org> |
Date: |
12/22/2008 10:05 AM |
Subject: |
[ws-dd] RE: Issue 032 - DPWS - clarify behavior when a device contains secure and insecure services at the same time |
Currently issue 32 is marked pending, but I’ll mail out the text separately since we have an AI on this issue.
Proposed updated text:
7 Security
This section defines a RECOMMENDED baseline for interoperable security between a DEVICE and a CLIENT. A DEVICE (or CLIENT) is free to support other security mechanisms in addition to, or in place of, this mechanism as specified by WSDL [WSDL 1.1], policies [WS-Policy], or by other mechanisms means.
In the absence of an explicit indication stating that a different security mechanism is to be used, the default security mechanism defined here is assumed to apply is defined by the transport addresses of the DEVICE: HTTP transport addresses indicate the device supports no security, and HTTPS transport addresses indicate the device supports the security profile defined in this section.
A DEVICE may exclusively support only one security profile at a time, including the profile defined in this section, or no security profile whatsoever.
This informative text will be supported by normative statements about the concrete minimum security model.
From: Ram Jeyaraman [mailto:Ram.Jeyaraman@microsoft.com]
Sent: Wednesday, September 17, 2008 10:27 AM
To: ws-dd@lists.oasis-open.org
Subject: [ws-dd] Issue 032 - DPWS - clarify behavior when a device contains secure and insecure services at the same time
This issue is assigned the number 032. For further discussions on this issue, please refer to this issue number or use this thread.
From: Alain Regnier [mailto:alain@ricoh-tech.com]
Sent: Tuesday, September 16, 2008 11:15 PM
To: Ram Jeyaraman
Subject: NEW Issue - clarify behavior when a device contains secure and insecure services at the same time
Please defer discussions on this issue until a time this issue is accepted and is assigned a number.
Description:
Clarify behavior regarding hosting secure and insecure services on the same device.
Proposed Resolution:
Discuss and clarify, then add constraints.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]