Re: proposed AC018 rewording from kreger@us.ibm.com on 2002-06-20 (www-ws-arch@w3.org from June 2002)

From: <kreger@us.ibm.com>
Date: Thu, 20 Jun 2002 13:02:10 -0400
To: Mark Baker <distobj@acm.org>
Cc: www-ws-arch@w3.org
Message-ID: <OF4042F234.AA46E065-ON85256BDE.005D5D7B@us.ibm.com>

I don't understand your conclusion.
Why would requiring security to be easily manageable reduce security?  And
what do you mean by reduce security?

Having it be in the management goal does not remove the requirement that
security be manageable.

Heather Kreger
Web Services Lead Architect
STSM, SWG Emerging Technology
kreger@us.ibm.com
919-543-3211 (t/l 441)  cell:919-496-9572


Mark Baker <distobj@acm.org>@w3.org on 06/20/2002 12:36:13 PM

Sent by:    www-ws-arch-request@w3.org


To:    Heather Kreger/Raleigh/IBM@IBMUS
cc:    Joseph Hui <Joseph.Hui@exodus.net>, "ECKERT,ZULAH (HP-Cupertino,
       ex1)" <zulah_eckert@hp.com>, "Damodaran, Suresh"
       <Suresh_Damodaran@stercomm.com>, Hao.He@thomson.ocm.au, adiber@att.
       com, wsgeek2002@yahoo.com, www-ws-arch@w3.org
Subject:    Re: proposed AC018 rewording




Requiring security to be easily manageable may actually reduce security,
so I'd personally like to see it in the management goal, not the
security goal.

On Thu, Jun 20, 2002 at 11:57:49AM -0400, kreger@us.ibm.com wrote:
>
>
> Joe,
> I really think that the security management requirement should stay with
> the security goal.
> I thought that was the net of the F2F, but it was hard for me to know for
> sure.

MB
--
Mark Baker, CTO, Idokorro Mobile (formerly Planetfred)
Ottawa, Ontario, CANADA.               distobj@acm.org
http://www.markbaker.ca        http://www.idokorro.com

Received on Thursday, 20 June 2002 13:02:14 UTC