- From: Joseph Hui <jhui@digisle.net>
- Date: Tue, 12 Mar 2002 19:05:31 -0800
- To: <www-ws-arch@w3.org>
Hi Suresh, Thanks for sharing your thoughts. My in-lined comments below are an attempt to get some closure on open issues in our goal refining, for status reporting purpose. > BTW, do you find the D-AG006 goal statement as-is acceptable? > (I do, BTW.) Care to share any thoughts on it? > > <sd> > Sure, since you asked:-) > I find that goal unrealistic and impossible to achieve (as stated). I beg to differ with an optimistic alternative :-) I think it can be done, as long as the negative-deliverable argument I alluded to in [1] is understood. > "AG006 -- addresses the security of web services across > distributed domains and platforms" > I would restate it as follows to reflect what can be done. > "AG006 : supports securing of web services implemented in heterogeneous > environments" Then again, arguments can be made for passing over the "heterogeneous environments" because in our "universe" there's only one environment -- the web services environment. .-) Pardon me if this comes across as tongue-in-cheek. Also, the verb "supports" is weaker than I'd like to see in our WSsec context. Others may think differently though. What I'm trying to say is that I don't think the gain that may (or may not) be made by replacing "across distributed domains and platforms" with "in heterogeneous environments" will be substantial enough to warrant revamping D-AG006 entirely. Frankly I could have suggested replacing "distributed" with "separately administrated," because much can be inferred about security from such a loaded term, but the difference it might make was not significant enough for me to open a Pandora's box. Cheers, Joe Hui Exodus, a Cable & Wireless service [1] http://lists.w3.org/Archives/Public/www-ws-arch/2002Mar/0205.html
Received on Tuesday, 12 March 2002 22:05:32 UTC