[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wsrp] Purpose of Section 9?
Hi Subbu, to b) yes I will pick this up once I completly recover. Unfortunatly I had to be absent since the last F2F for 6 weeks and still have an outstanding surgery. The surgery will take me out 'till the first or second week of august. I will then pick up the work on security again. Applogies, that my plans to start right after the F2F didn't work out for me :-( Mit freundlichen Gruessen / best regards, Richard Jacob ______________________________________________________ IBM Lab Boeblingen, Germany Dept.8288, WebSphere Portal Server Development WSRP Team Lead & Technical Lead WSRP Standardization Phone: ++49 7031 16-3469 - Fax: ++49 7031 16-4888 Email: mailto:richard.jacob@de.ibm.com Subbu Allamaraju <subbu@bea.com> To 07/04/2005 01:30 wsrp <wsrp@lists.oasis-open.org> AM cc Subject [wsrp] Purpose of Section 9? The Security section in V1 remained vague (for no fault of WSRP) about handling security, particularly about the problems discussed post V1 such as user identity propagation, confidentiality and integrity. Since those specs have evolved since, and stack implementations are beginning to support those standards, leaving this section as is would be confusing to readers. I have two questions: a. What does the TC think about updating this section with more direct references to various security specs (W3C specs on signature and encruption, OASIS specs on SAML and WS-Security and others). This would atleast give an indication that this TC acknowledges those specs, and recommends using those specs for solving security issues. b. More than a year ago, Richard led some effort in identifying use cases and candidate specs for solving those. Is there any interest in renewing that discussion and come up with a tech note during the V2 timeframe? In the absence of a tech note, updating sec 9 would become more important for the V2 spec. Regards, Subbu --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]