RE: D-AG006 Security from Joseph Hui on 2002-03-13 (www-ws-arch@w3.org from March 2002)

From: Joseph Hui <jhui@digisle.net>
Date: Wed, 13 Mar 2002 07:36:09 -0800
To: <www-ws-arch@w3.org>
Message-ID: <C153D39717E5F444B81E7B85018A460B081B274B@ex-sj-5.digisle.com>
> From: David Orchard [mailto:david.orchard@bea.com]
[snip]
> Joe,
> 
> Do I understand correctly that you believe that the web services
> architecture should define something in the area of two phase 
> commit for web services as a goal?

Dave,

No, heck no.  2PC is a mechanism for TP, and it's not
even for sure that TP should be in our WS-Arch.
(Recall we don't mechanisms.  They'll be left to
the implementers.)

BTW, The TP was a "while at it, ..." sidebar in my response to
Roger on RM in security.  (I snipped out that part of the text
while trying to keep the message more readable.  Perhaps I should
have kept the text to keep more context for the readers.)
Anyway, I'm not even championing for TP to be in.  But if someone
else chooses to champion for it, then that's fine with me.  
I'm easy about this one (and RM as well).

Cheers,

Joe Hui
Exodus, a Cable & Wireless service
===================================================

> 
> Cheers,
> Dave
> 
> > -----Original Message-----
> > From: www-ws-arch-request@w3.org 
> [mailto:www-ws-arch-request@w3.org]On
> > Behalf Of Joseph Hui
> > Sent: Tuesday, March 12, 2002 3:49 PM
> > To: www-ws-arch@w3.org
> > Subject: RE: D-AG006 Security
> >
> >
> > > -----Original Message-----
> > [snip]
> > > Or are you talking about the idea of "rolling
> > > back" a transaction if it fails ...
> >
> > This type of course -- one atomic operation, do all or
> > do none -- the type that generally employs 2-phase-commit
> > algorithms.
> >
> > Joe Hui
> > Exodus, a Cable & Wireless service
> > =========================================
> > >
> > > -----Original Message-----
> > > From: Joseph Hui [mailto:jhui@digisle.net]
> > > Sent: Tuesday, March 12, 2002 4:14 PM
> > > To: Cutler, Roger (RogerCutler); Krishna Sankar; 
> www-ws-arch@w3.org
> > > Subject: RE: D-AG006 Security
> > >
> > >
> > > > -----Original Message-----
> > > [snip]
> > > > Could we possibly consider putting reliable messaging into
> > > > the security bucket?
> > >
> > > I don't think so.  There's no security primitives that
> > > would fit the bill of reliable messaging (RM), which I sometimes
> > > characterize as "layer-7 TCP" where a session between two
> > > endpoints may span
> > > over several time-serialized connections, disconnections,
> > > reconnections.
> > > AG006 may include securing RM, but not RM per se.
> > >
> > > While at it, let me mention that if you want to include
> > > RM in WS-Arch, then you may as well not leave out transaction
> > > processing.
> > >
> > > [snip]
> > > > it is a natural
> > > > progression of thought:  "I'm worried about who the author of
> > > > the message
> > > > is, whether it is distorted, and that IT ACTUALLY GETS THERE".
> > >
> > > ^^^^^^^^^^^^^^^^^^^^^^ There no
> > > security primitives that can guarantee data arrival.
> > >
> > > Joe Hui
> > > Exodus, a Cable & Wireless service
> > >
> > >
> > >
> >
> >
> 
>
Received on Wednesday, 13 March 2002 10:36:40 UTC