W3C home > Mailing lists > Public > public-ws-addressing@w3.org > March 2005

Re: Proposing a wsa:Security element

From: Hugo Haas <hugo@w3.org>
Date: Mon, 14 Mar 2005 17:42:39 +0100
To: Maryann Hondo <mhondo@us.ibm.com>
Cc: public-ws-addressing@w3.org, Rich Salz <rsalz@datapower.com>
Message-ID: <20050314164239.GN20469@w3.org> 

* Maryann Hondo <mhondo@us.ibm.com> [2005-03-14 15:59+0000]
> Do you really think security is "just" metadata?

I didn't approach the problem that way.

We introduced the [metadata] bucket as a place where we could put
information about the EPR and the endpoint.

Rich proposed an additional container "intended to be used as a
container for security information (signatures, keys, etc) about the
EPR."

The security information could be:
1. sprinkled in the EPR
2. sprinkled in the [metadata] property
3. gathered in a wsa:Security element in the EPR
4. gathered in a wsa:Security element being part of the [metadata]
   property

The first two solutions don't require more work from our WG. Since our
existing bucket seems to be a fairly all-purpose container for
information about the EPR, I wondered what was wrong about using it
for security data there too (solution #2).

Cheers,

Hugo

-- 
Hugo Haas - W3C
mailto:hugo@w3.org - http://www.w3.org/People/Hugo/
Received on Monday, 14 March 2005 16:42:40 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:04 GMT