W3C home > Mailing lists > Public > public-ws-policy@w3.org > October 2006

RE: Action Item 110

From: Toufic Boubez <tboubez@layer7tech.com>
Date: Mon, 23 Oct 2006 22:08:58 -0700
Message-ID: <970F9C1BF72BF24C8932796D254568B7D4CB5C@layer7-mx0.l7tech.local>
To: "Paul Cotton" <Paul.Cotton@microsoft.com>, "Prasad Yendluri" <prasad.yendluri@webmethods.com>, <public-ws-policy@w3.org>
+1.
I thought I had already done that, but I guess not ...  --  Toufic
 
Toufic Boubez, Ph.D.
Chief Technology Officer
 
LAYER 7 TECHNOLOGIES / Advancing the application network.
604.681.9377 x310 (w)   604.288.7970 (m)
tboubez@layer7tech.com <mailto:tboubez@layer7tech.com>  (e)  www.layer7tech.com (w)


________________________________

From: public-ws-policy-request@w3.org on behalf of Paul Cotton
Sent: Mon 10/23/2006 1:21 PM
To: Prasad Yendluri; 'public-ws-policy@w3.org'
Subject: RE: Action Item 110 



+1.

 

Paul Cotton, Microsoft Canada
17 Eleanor Drive, Ottawa, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329
mailto:Paul.Cotton@microsoft.com





________________________________

From: public-ws-policy-request@w3.org [mailto:public-ws-policy-request@w3.org] On Behalf Of Prasad Yendluri
Sent: October 23, 2006 4:14 PM
To: 'public-ws-policy@w3.org'
Subject: Action Item 110 

 

Hi,

 

This is regarding AI 110 - http://www.w3.org/2005/06/tracker/wspolicy/actions/110


AI-110 was given to the editors to, "Review next editors draft to see if there are any security considerations from framework doc that apply to attachment doc". This was a result of moving of the security considerations section from the Primer to the Framework specification.


I have reviewed the security considerations sections in current editors drafts (see: http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0111.html) of both Framework and Attachment specifications. The WS-Policy 1.5 Attachment specification already reflects the security considerations <http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-attachment.html#SecurityConsiderations>  that are directly applicable to Policy Attachments <http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-attachment.html#policy_attachment> . However it could be useful to add a sentence that points to the Security Consideration Section of the Framework specification <http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html#Security_Considerations> , so that some of the items that are applicable in general are also pointed to from here (e.g. Spoofing and Tampering and General XML considerations). There is no need to duplicate that information. A simple "See also the Security Considerations Section in the WS-Policy 1.5 Framework Specification", should suffice.


Thanks,


Prasad


 


 


 


 


 
Received on Tuesday, 24 October 2006 05:11:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:20:42 GMT