[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [ws-sx] Comments on Security Policy and a Suggestion
Recently, Prateek and I and our product folks started looking at SecurityPolicy and we were dismayed by the breadth and the complexity. I doubt that most people could author Security Policies. Also, it's not clear if the specification works -- in that there may be practical situations that users want to express than cannot be expressed by Security Policy. So, I thought that what may be useful is to create a small number of usecases that represent typical customer usages of security in Web Services. Then we try and write Policies for these use cases and see what happens. I foresee two benefits from such an exercise: - We will find bugs and other usage problems and validate the design. - The resulting policies will be very useful and many users will just be able to use these canned policies for their work. I can try and write the policies but someone else needs to provide the usecases. All the best, Ashok
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]