wsdm-comment message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [wsdm-comment] Public Comment
- From: Heather Kreger <kreger@us.ibm.com>
- To: nishimura.toshi@jp.fujitsu.com
- Date: Fri, 18 Feb 2005 10:37:39 -0500
It has come to my attention that we
had not replied to this public comment.
We did discuss this comment at the F2F
(since we were meeting Jan 19-21 when we
received the comment), agreed on a resolution and response, and apparently
there
was some misunderstanding about who would actually send the response leading
to
no response from the WSDM TC.
Here's the text from the MOWS section
in question:
"The following list summarizes common classes of attacks that apply
generally to
protocols and
identifies mechanisms available to prevent/mitigate the attacks:
...
Authentication – Authentication is established using the mechanisms described
in
WS-Security
and WS-Trust. Each message is authenticated using the mechanisms described
in
WS-Security."
...
The results of the discussion of the
comment at the F2F were:
- We agreed that this reference was not appropriate or necessary for the
implementation of WSDM MOWS V1.0.
- We agreed that the intent of the wording was general advice to any protocol,
non-normative, and exemplary.
- Since public comment period ended and we had already sent the final WSDM
1.0
package to OASIS, it would have been impossible to change it in time for
the current
process underway. If we had changed any content, even just grammatical,
our
understanding is that we would have to reballot the committee draft and
we would
miss the entrance into theJanuary standards process. We would have done
that for
a normative specification error, but we believed this to be poor wording
of
non-normative, advisory section where that strong of a reaction may not
be necessary.
- We also agreed that we would remove the reference in the next version
of the
WSDM specification.
We hope that this resolution (and our
apology for lack of public response) is
satisfactory.
Sincerely
Heather Kreger
STSM, Web Services Lead Architect for SWG Emerging Technologies
Author of "Java and JMX: Building Manageable Systems"
kreger@us.ibm.com
919-543-3211 (t/l 441) cell:919-496-9572
comment-form@oasis-open.org
01/20/2005 12:54 AM
Please respond to
nishimura.toshi |
|
To
| wsdm-comment@lists.oasis-open.org
|
cc
|
|
Subject
| [wsdm-comment] Public Comment |
|
Comment from: nishimura.toshi@jp.fujitsu.com
In page 12 of WSDM-MOWS 1.0 document, it refers a
specification named "WS-Trust". "WS-Trust" specification
I know is the specification by IBM, Microsoft, et al. It is a proprietary
spec and have not been submitted to a standardization organization yet.
It is not good to refer non-standard specification from standard specification.
I hope the TC revise the sentence by removing "WS-Trust".
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]