W3C home > Mailing lists > Public > public-ws-addressing@w3.org > March 2005

Re: Proposing a wsa:Security element

From: Rich Salz <rsalz@datapower.com>
Date: Mon, 14 Mar 2005 10:30:59 -0500
Message-ID: <4235AE33.30308@datapower.com>
To: Hugo Haas <hugo@w3.org>
CC: public-ws-addressing@w3.org

> Couldn't such information go in the [metadata] bucket? It seems that
> we added it for things just like that.

Perhaps.  If you see my longer note about "trust model," you'll see that 
we need a way to aggregate a bunch of security information, and make 
sure it ends up in a WS-Security element.  This may be different from 
other security information that just needs to be used between the client 
and the epr minter (which,  I know, if out of scope; out security model 
should support some kind of interaction there, however).

Yes, a wsa:Security can go into the metadata bucket.  But saying that 
all or any ds:Signature, wsse:SecurityTokenReference, etc., elements get 
the kind of binding I propsed for wsa:Security, is a mistake.

	/r$

-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
Received on Monday, 14 March 2005 15:30:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:04 GMT