
wsrm message



Subject: Re: [wsrm] Comments on WS-Reliability CD 0.992


Thus spoke Alan Weissberger (ajwdct@technologist.com) on Mon, Apr 19, 2004 at 05:59:37PM -0500:
>    I agree with Pete about explicitly forbidding an intermediary from
>    tampering with WS Reliability headers.  In particular we need to
>    prevent "man in the middle" attacks.
> 
>    No problem with passive monitoring of WS Reliability messages for
>    accounting purposes

Alan, that wasn't exactly the intent of my comment.  Securing the
message, or portions of it, from tampering and disclosure is the job
of WSS.  We already say we can compose with WSS, so your concern
should already be addressed adequately.  (It is left as a future
exercise for some other group to describe exactly how these two specs
should be composed in a meaningful fashion.)

What I meant was, we should state that Sending RMPs MUST NOT address
RM headers to SOAP intermediaries ("next" role or actor).  Confusing
things would occur if that were possible.  (In other words, I don't
want to allow the "hop-to-hop reliability" can of worms to be opened.)

--Pete

>    ----- Original Message -----
>    From: Pete Wenzel
>    Date: Mon, 19 Apr 2004 13:07:07 -0700
>    To: wsrm@lists.oasis-open.org
>    Subject: [wsrm] Comments on WS-Reliability CD 0.992
>    > Here is my laundry list of things to fix in CD-0.992; most are
>    > editorial in nature.
>    >
>    >
>    > Line 98: Says "This specification addresses end-to-end reliability,
>    > and is not concerned with intermediaries." However, there is nothing
>    > to prevent someone targeting Reliability headers to "next" role/actor.
>    > This case should be explicitly forbidden, rather than left
>    > undefined.
>    >...

-- 
Pete Wenzel <pete@seebeyond.com>
Senior Architect, SeeBeyond
Standards & Product Strategy
+1-626-471-6311 (US-Pacific)
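
Added example (not part of the original message or of the WS-Reliability specification): a check that a receiving RMP or a conformance test could run to flag reliability header blocks addressed to the SOAP "next" role/actor, the case the message above proposes to forbid. The RM namespace URI, the function names and the sample envelopes are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# SOAP envelope namespace -> (targeting attribute, URI of the "next" role/actor)
SOAP_VERSIONS = {
    "http://schemas.xmlsoap.org/soap/envelope/":
        ("actor", "http://schemas.xmlsoap.org/soap/actor/next"),
    "http://www.w3.org/2003/05/soap-envelope":
        ("role", "http://www.w3.org/2003/05/soap-envelope/role/next"),
}
# Assumption: placeholder URI; substitute the WS-Reliability schema namespace in use.
RM_NS = "urn:example:ws-reliability"


def split_tag(tag):
    """Split ElementTree's '{namespace}local' form into (namespace, local)."""
    if tag.startswith("{"):
        ns, _, local = tag[1:].partition("}")
        return ns, local
    return "", tag


def rm_headers_targeting_next(envelope, rm_ns=RM_NS):
    """Return local names of RM header blocks addressed to "next"."""
    if b"<!DOCTYPE" in envelope:  # SOAP forbids a DTD; refuse before parsing
        raise ValueError("SOAP message must not contain a DTD")
    root = ET.fromstring(envelope)
    soap_ns, local = split_tag(root.tag)
    if soap_ns not in SOAP_VERSIONS or local != "Envelope":
        raise ValueError("not a SOAP 1.1 or 1.2 envelope")
    attr, next_uri = SOAP_VERSIONS[soap_ns]
    header = root.find(f"{{{soap_ns}}}Header")
    flagged = []
    for block in (header if header is not None else []):
        ns, name = split_tag(block.tag)
        # No actor/role attribute means the ultimate receiver, which is allowed.
        if ns == rm_ns and block.get(f"{{{soap_ns}}}{attr}", "").strip() == next_uri:
            flagged.append(name)
    return flagged


# Constructed sample messages; the header name "Request" is illustrative.
BAD = b"""<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:rm="urn:example:ws-reliability"><S:Header>
  <rm:Request S:actor="http://schemas.xmlsoap.org/soap/actor/next"/>
</S:Header><S:Body/></S:Envelope>"""
GOOD = BAD.replace(b' S:actor="http://schemas.xmlsoap.org/soap/actor/next"', b"")

if __name__ == "__main__":
    print(rm_headers_targeting_next(BAD))   # header blocks that violate the rule
    print(rm_headers_targeting_next(GOOD))  # compliant message
```

The check only reports header blocks; whether to reject the message or fault is a policy decision for the receiving side.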

