W3C home > Mailing lists > Public > public-ws-policy-qa@w3.org > September 2006

[Bug 3708] Updated Security Considerations section in framework document: Add mention of use of XML Signature to sign policy

From: <bugzilla@wiggum.w3.org>
Date: Wed, 13 Sep 2006 15:01:42 +0000
CC:
To: public-ws-policy-qa@w3.org
Message-Id: <E1GNWFC-0002zZ-Hd@wiggum.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=3708





------- Comment #1 from frederick.hirsch@nokia.com  2006-09-13 15:01 -------
In template format:

Description - Update security considerations section of Framework to include
discussion of XML Signature use as well as additional security considerations
from Primer

Justification - Core document should include informative Securiity
Considerations section. Integrity protection and source authentication provided
by XML Signature in non-messaging context should be included as consideration.

Target - WS-Policy Framework [1]

Proposal:

1) Add sentence at end of current section 5 (Security Considerations):

Policies may be signed using XML Signature to provide integrity protection and
origin authentication, especially in contexts where message security is not
appropriate.

2) Incorporate  security considerations listed in contributed primer into
Framework document. See Appendix A in PDF referenced in
http://lists.w3.org/Archives/Public/public-ws-policy/2006Jul/0001

Test: review of section

[1]
http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;%20charset=utf-8
Received on Wednesday, 13 September 2006 15:02:57 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:21:08 GMT