- From: Joseph Hui <Joseph.Hui@exodus.net>
- Date: Thu, 20 Jun 2002 12:18:40 -0700
- To: "Dournaee, Blake" <bdournaee@rsasecurity.com>, "Krishna Sankar" <ksankar@cisco.com>, <www-ws-arch@w3.org>, <xml-encryption@w3.org>, <www-xkms@w3.org>, <reagle@w3.org>
> From: Dournaee, Blake [mailto:bdournaee@rsasecurity.com] > Sent: Thursday, June 20, 2002 11:52 AM > To: Joseph Hui; Krishna Sankar; www-ws-arch@w3.org; > xml-encryption@w3.org; www-xkms@w3.org; reagle@w3.org > Subject: SOAP Confidentiality and Integrity: What do we have now? > > > Hello All, > > Where exactly do we stand in terms of existing proposals (W3C Notes, > additional specs, etc) that offer confidentiality and > integrity for SOAP > messages? We have [1], which has been used in practice by > some of RSA's > customers. Is this is only existing piece of work on the subject. [1] does not satisfy the confidentiality req. For that you need xenc. Note that both xenc and xml-dsig are message-based approaches from W3C. There're also the channel-based approaches that can satisfy the two said requirements (presumably of your particular interest) coming from outside of W3C, for instance, the TLS, IPSec from IETF. Joe Hui Exodus, a Cable & Wireless service [1] http://www.w3.org/TR/SOAP-dsig/
Received on Thursday, 20 June 2002 15:17:56 UTC