Re: Proposal for lc87 and lc55

>>(ii) Users of EPRs should only use EPRs from sources they trust. The  
>>required trust has two aspects:
>>
>>(a) that the EPR was obtained from a trusted source
>>(b) that it was obtained from a source with authority to represent  
>>the [destination] of that EPR.

Like you, I don't believe (ii)(b) is always necessary, for exactly the 
reason you state -- the EPR might contain information signed by the 
addressee.

It's also important to realize that "trust" can be completely determined 
out of band.  For example, within an enterprise, the corporate policy 
might be "everyone uses the corporate registry for WS-A services," and 
the MIS/IT department will help enforce this by some desktop 
configuration tools.

"Do I trust this data?" can often be re-phrased as "am I liable if this 
information is wrong?"  Given the difficulties of getting the crypto 
right (e.g., see 
http://lists.w3.org/Archives/Public/public-ws-addressing/2005Mar/0115), 
I bet that the dominant security model for WS-A will be pre-installed 
configurations (regedit anyone?) and SSL.

	/r$

-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html

Received on Thursday, 7 July 2005 17:04:37 UTC