W3C home > Mailing lists > Public > public-ws-policy@w3.org > July 2006

NEW ISSUE: HTTP/HTTPS conflict resolution between policy assertion and WSDL

From: Toufic Boubez <tboubez@layer7tech.com>
Date: Mon, 17 Jul 2006 22:02:13 -0700
Message-ID: <970F9C1BF72BF24C8932796D254568B7D4C986@layer7-mx0.l7tech.local>
To: <public-ws-policy@w3.org>
Title - HTTP/HTTPS conflict resolution between policy assertion and WSDL
 
Description - If the security policy assertion requires the use of HTTPS transport level security and WSDL port address uses HTTP scheme, what is the best practice guidance for requestors?
 
Target - WS-Policy Attachment 1.5? Primer?
 
Proposal - Not sure if I have an absolute proposal, but I'll get the ball rolling: I propose that if there is a conflict, that since presumably the policy authors are a better authority as to what policies should exist for a service, whereas the WSDL might have been automatically generated by a tool or a developer, the policy assertion takes precedence.
 
Toufic Boubez, Ph.D.
Chief Technology Officer
 
LAYER 7 TECHNOLOGIES / Advancing the application network.
604.681.9377 x310 (w)   604.288.7970 (m)
tboubez@layer7tech.com <mailto:tboubez@layer7tech.com>  (e)  www.layer7tech.com (w)
Received on Tuesday, 18 July 2006 05:02:34 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:20:40 GMT