[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [wss] Interesting article this morning...
"Hallam-Baker, Phillip" wrote: > > > On a related note, let us forge ahead and do the right thing. In > > the long term, a specification that adds value to the web services eco > > system will be our best reply to all the doubts raised by others. > > On that note, I just worked out the right analogy. > or is it? If DNS was trying to replace an existing system which already did many of the things such as mutliple records, bulk distribution, delta distribution, etc. do you think that hosts.txt file would be enough to make people bat even an eyelid? Whether we like it or not, WS_SEC is competing with SSL for all the point-to-point cases. SSL comes complete with QoP handshake and negotiation, SecureConversation with session keys and caching support, fixed set of token (CipherSuites), and with no replay issues. Further, no special means are required to indicate that a given link is secured, except using https in those embedded links. In our case, it is not clear to me how anybody can exploit the other existing UDDI/WSDL infrastructure without making some changes in WSDL. So, if we are going to offer another alternative which is supposed to be a whole lot better compared to the existing option, it typically is supposed to be better, faster, and cheaper. Even if this is not possible, it may be sufficient to make a convincing case for the new proposal provided it is a complete story that is comparable to the existing solutions. IMO, the story does not become complete just because 4-5 lines have been mentioned in a road-map on all other missing items. Further more, WSSC does not really have any visibility into those items. The idea of developing such protocols in a "serial" fashion is fundamentally a slow death. SSL would have been still languishing if Taher and others at Netscape had taken a serial approach at developing the SSL protocol. IMO, it would really look silly if we are all extremely eager to pass some resolution and declare victory, very well knowing that this is completely incomplete for any real-life practical deployments. I also do not think that we would be able to evaluate how good the new spec is as a component without looking at how the other WS_* things referenced in the roadmap complete the entire story. Vipin Samar > > Of course it was clear to everyone that the hosts.txt file mechanism would > eventually become unmaintainable, even if the Internet grew to include only > the universities. But the initial lack of DNS did not delay the introduction > of the Internet. > > What we are talking about with WSDL as solutions that allow Web services to > be deployed on a very large scale. Sure we will eventually need them, but > until they are available we can use manual configuration to achieve the same > effect. > > Of course having spent the past days trying to deal with all this stuff I > still haven't got round to doing what I had intended to do and send a not to > QoP to point out that we have to consider more than just WS-Security, we > need to consider SecureConversation and Key Agreement issues. > > Hmm shades of the IETF SNMP/MIB discussions... > > We could end up being up to our ears in process if we are not carefull on > this one. > > Phill > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC