Danny,
We can't use RFC language. All of this impacts binding
implementation, and has nothing to do with WS-BPEL semantics. BPEL
itself has no security model to speak of; the best we can do is give
some friendly advice to binding implementors.
Put another way: I have a WS-BPEL 2.0 engine that can use, among
other things, a JMS binding for message I/O.
(https://open-esb.dev.java.net). If we use RFC language in this
chapter, am I going to be forced to figure out how to apply WS-Security
to a JMS transport? Or my ebXML MS transport? Or SMTP? Or AS 2? Or my
favourite, our REST binding? :-)
WS-BPEL 2.0 is binding neutral. Let's keep it that way, and avoid
2219 keywords.
Cheers,
-Ron
Danny van der Rijn wrote:
-1. We need to use RFC language, uppercase.
Prasad Yendluri wrote:
Hi Alex,
If we are including lower case "should" in the text of this section
anyway, I don't see an issue with use of lower case recommended, like
"it is recommended" or "it is highly recommended". "strongly suggested"
seems like an oxymoron to me :)
Section 2 of the spec (Notational Conventions), clearly shows the
normative keywords to be upper case (and referes to RFC2119). If
needed, we could add a sentence to state that 'only upper case form of
these keywords are normative' in that section. Going out of way to
change lower case recommended to suggested is an overkill IMO.
Best regards,
Prasad
------- Original Message --------
Issue 291: Normative wordings in chapter 16 "Security Consideration"
Proposal for vote: (changes highlighted in green)
============================
Since
messages can be modified
or forged, it is strongly suggested
that business process implementations use
WS-Security to ensure messages have not been modified or forged while
in
transit or while residing at destinations. Similarly, invalid or
expired messages
could be re-used or message headers not specifically associated with
the
specific message could be referenced. Consequently, when using
WS-Security,
signatures should include the
semantically significant headers and the message
body (as well as any other relevant data) so that they cannot be
independently
separated and re-used.
Messaging protocols used to
communicate among business processes are subject to various forms of
replay
attacks. In addition to the mechanisms listed above, messages should include a
message timestamp (as described in WS-Security) within the signature.
Recipients can use the timestamp information to cache the most recent
messages
for a business process and detect duplicate transmissions and prevent
potential
replay attacks.
It should also be noted that
business process implementations are subject to various forms of
denial-of-service attacks. Implementers of business process execution
systems
compliant with this specification should take this into account.
============================
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. You may a link to this group and all your TCs in
OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
|