W3C home > Mailing lists > Public > www-ws-arch@w3.org > April 2002

RE: Web Services Architecture Requirements 23 April 2002

From: Ahmed, Zahid <zahid.ahmed@commerceone.com>
Date: Wed, 24 Apr 2002 16:12:35 -0700
Message-ID: <C1E0143CD365A445A4417083BF6F42CC02F8904F@C1plenaexm07.commerceone.com>
To: www-ws-arch@w3.org
I'm not sure to what extent we have factored in the latest
WS-Security specification and WS-Security Roadmap document
that IBM, Microsoft, and Verisign recently published.

See:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnglobspec/
html/ws-security.asp

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwssecur/h
tml/securitywhitepaper.asp

E.g., w.r.t.

>The description of a web service SHOULD include security policy. 

There is discussion of a future WS-Policy specification, among
a range of additional security extensions.

thanks,
Zahid Ahmed
Security Architect
Commerce One, Inc.
408-517-3903

-----Original Message-----
From: Joseph Hui [mailto:jhui@digisle.net]
Sent: Wednesday, April 24, 2002 3:45 PM
To: Austin, Daniel; www-ws-arch@w3.org
Subject: RE: Web Services Architecture Requirements 23 April 2002


Hi Daniel, Sharad, & Abbie,

I presented the following during the F2F group summaries and later
in a www-ws0arch message [1] addressed to the editors, but they all
seemed to have gotten lost.  So here they go again.

   * In AC0006.3, the parenthesized text ("to be executed by
     security mechanisms") should be deleted.

   * There should be the addition of D-AR6010:

     The description of a web service SHOULD include security policy. 

     [I'd think there should be a similar requirement for Privacy,
      e.g. "The description of a web service SHOULD [or MAY?]
      include privacy policy."  I'll defer this to Hugo the Privacy
      champion though.]

Also, why were the MUST's in D-AR600* replaced with must's?
Note that Section 1.2 says the doc uses the RFC 2119 convention.

Regards,

Joe Hui
Exodus, a Cable & Wireless service

[1] http://lists.w3.org/Archives/Public/www-ws-arch/2002Apr/0085.html

=======================================================================
> -----Original Message-----
> From: Austin, Daniel [mailto:Austin.D@ic.grainger.com]
> Sent: Tuesday, April 23, 2002 1:29 PM
> To: www-ws-arch@w3.org
> Subject: Web Services Architecture Requirements 23 April 2002
> 
> 
> Gentlebeings,
> 
> 	I've uploaded the most recent version of the 
> requirements document
> to:
> 
> http://www.w3.org/2002/ws/arch/2/wd-wsawg-reqs-04232002.html
> 
> 	This version incorporates many changes from our 
> discussions both at
> the face to face meeting and on the telephone and in the 
> mailing list. This
> version is intended for publication as a Working Draft upon 
> approval of the
> W3C.
> 
> 	Here is a (partial) list of the changes in this version:
> 
> * removed user scanrios section
> * added top-level goals from f2f
> * relettered prior goals to CSFs
> * modified each CSF to reflect current wording and requirements
> * removed some sections
> * reworked document organization and structure
> * changed from editor's draft to working draft
> * updated status section
> * lots of other small changes.
> 
> 	There are still some issues with this version:
> * numbering is irregular
> * list formatting is inconsistent
> * analysis matrices not yet added
> * document text needs coherence
> * does not yet pass publication validator at W3C
> 
> 	Please send comments and feedback to the list! Thanks to Chris,
> Hugo, and of course Abbie and Sharad for all the hard work. 
> 
> Regards,
> 
> D-
> 
> **************************************************************
> *********
> Dr. Daniel Austin, Sr. Technical Architect
> austin.d@ic.grainger.com (847) 793 5044
> Visit: http://www.grainger.com
> 
> "Sapere Aude!"
> 
> 
> 
> 
Received on Wednesday, 24 April 2002 19:12:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:24:57 GMT