OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ws-rx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [ws-rx] Revised proposal #2 for i122 - i124


Attached to this message you will find an alternative solution proposal 
that meets the requirements for i122-i124. The proposal is co-authored
by SAP and Oracle. The proposal is expressed as a diff over your 
original proposal.

We believe that our proposal has certain advantages over the original 
proposal. These include:

(1) Supports a more flexible interaction model (architecture) between RM 
and the Security layer; RM layer does not have to process or communicate 
security artefacts such as STRs. All required STRs are found within the 
SOAP message security header.
(2) Is based entirely on the OASIS WSS standard.
(3) Provides a standard pattern which may be re-used for other 
application protocols as it is based upon profiling the STR usage attribute.
(4) Has no additional impact on SecurityPolicy beyond that found in the 
original proposal.

prateek mishra

> This update is easy to understand but includes some important tweeks 
> that have been discussed on the list. Redlines are from the last 
> revision of this proposal posted on June 21^st .
> http://lists.oasis-open.org/archives/ws-rx/200606/msg00164.html
> First the observation Sanjay made that the header does not make any 
> sense as mU=false has been addressed, the header now must be mU=true.
> http://lists.oasis-open.org/archives/ws-rx/200606/msg00259.html
> I also added a reference to the SC section (I used the contributed 
> version rather than the SX TC editor draft) that describes the use of 
> an STR in a message body to address Prateek’s concern that the RX TC 
> not invent new mechanisms. The concern Gil mentioned that there should 
> be advice to favor a message independent reference over a local 
> reference has also been added.
> http://lists.oasis-open.org/archives/ws-rx/200607/msg00035.html
> Other than that I corrected a few 2119 terms that were not in caps.
> (Sorry if this is a dupe, I forgot the subject line and the OASIS 
> mailer said it bounced)

Securing RM Sequences-diff-from-060706.doc

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]