Re: [wss] UDDI liaison to WS-Security regarding Policy (related to QoPdiscussion)

[Anthony Nadalin <drsecure@us.ibm.com>]

Toufic,

Just wanted to make sure that you an others were aware that BEA, IBM,
Microsoft, SAP released policy specifications (WS-Policy,
WS-PolicyAttachments, WS-PolicyAssertions and WS-SecurityPolicy) right
before the end of the year along with 2 other security related
specifications with IBM, Microsoft, Verisign and RSA  (WS-Trust and
WS-SecureConversation). The links are listed below.

http://www-106.ibm.com/developerworks/library/ws-secroad/
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnglobspec/html/wspolicyspecindex.asp

Anthony Nadalin | work 512.436.9568 | cell 512.289.4122


|---------+---------------------------->
|         |           Toufic Boubez    |
|         |           <tboubez@layer7-t|
|         |           ech.com>         |
|         |                            |
|         |           01/13/2003 06:03 |
|         |           PM               |
|---------+---------------------------->
  >----------------------------------------------------------------------------------------------------------------------------------------------|
  |                                                                                                                                              |
  |       To:       "'Web Services Security'" <wss@lists.oasis-open.org>                                                                         |
  |       cc:                                                                                                                                    |
  |       Subject:  [wss] UDDI liaison to WS-Security regarding Policy (related to QoP discussion)                                               |
  >----------------------------------------------------------------------------------------------------------------------------------------------|




AS a preface to this, let me state that I also sit on the UDDI-spec OASIS
TC, and that Maryann Hondo (from IBM) is the liaison from the WS-S TC to
the UDDI-spec TC. Maryann was invited to the last UDDI TC meeting and we
had a discussion about policy and how it affects UDDI, especially in view
of the December release of WS-Policy and related documents. The discussion
is even more relevant in view of the QoP discussion we’re almost not having
in this group ;)





The UDDI group would like to see a general policy TC be established with
liaisons to many of the OASIS TC’s to develop a policy framework that can
be used for more than just security policy (this is also my opinion,
obviously). This would, for example, also include QoP related work. The
UDDI V3 spec tried to articulate a model for policy but found there was
little in the industry to leverage at the time. We would love to see this
developed further as a separate TC. I’m sending this email to the group
also representing Maryann’s opinion since she’s currently traveling and has
no access to email.





I know this is short notice for tomorrow’s vote, but I’d like us to discuss
this issue a bit more in this group, since it’s a decision that can affect
a lot of other groups, and possibly the future direction of the WS-Security
work.





  --  Toufic





Toufic Boubez, Ph.D.


Chief Technology Officer





LAYER 7 TECHNOLOGIES / Advancing the application network.





604.681.9377 x310 (w)   604.818.7683 (m)


tboubez@layer7-tech.com (e)  www.layer7-tech.com (w)