[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ws-rx] Analysis of the interactions between WS-RM and security
I (finally) had time to read this. I agree with the main point, that the (admittedly loose) coupling between WSRM and WSS should be removed. I can't find a compelling reason for hte WSRM schema to import the WSS schema. I hope that an explanation for the inclusion happens today. But barring that, I concur with Gil's recommendations, except that I don't need #4 :) I do have slight disagreements with II.C and the overall models presented. As one of the goals of security is to prevent message modification, one could posit an implementation that merged WSRX and WSS, because "changing the order" is definitely modification. /r$ -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]