OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: NEW Issue: Fault codes needed for policy violations


PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSION THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. 

The issues coordinators will notify the list when that has occurred.

 

Protocol:  ws-sp

http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/21186/ws-securitypolicy-1.2-spec-ed-01-r11.doc

Artifact:  spec

Type:

editorial 

Title:

Fault codes should be identified for ws-sp violations

Description:

WS-S includes fault codes for failures processing security headers, but a security header may be valid from a pure WS-S perspective but not meet requirements dictated by ws-sp, i.e., no signature included when required. Fault codes should be identified in the ws-sp spec for such cases.

Related issues:

None 

Proposed Resolution:

Fault codes should be added in the spec for things like: missing signatures, no encryption, missing tokens, missing timestamp, missing required elements, etc.  



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]