Subject: Amendment to Microsoft/IBM proposal for i122-i124
I would like to propose the attached amendment to the Microsoft/IBM proposal. This material is presented as a set of additions and changes to the version of the Microsoft/IBM proposal posted here: http://lists.oasis-open.org/archives/ws-rx/200607/msg00036.html This amendment seeks to accomplish the following: 1.) Support the use of SSL/TLS to protect Sequences against spoofing attacks. 2.) Render (1) in a way that does not require implementations to understand STR's and their various referencing mechanisms, processing rules, etc. 2.) Define a WS-Policy assertion that specifies a requirement to bind Sequences to SSL/TLS sessions. - gp p.s. The general notion of this amendment could also apply to the Oracle/SAP proposal posted here (http://lists.oasis-open.org/archives/ws-rx/200607/msg00054.html) though, obviously, the specific wording would have to change.
Securing RM Sequences - BEA ammend - 100706.doc