- From: Anne Thomas Manes <anne@manes.net>
- Date: Wed, 13 Mar 2002 11:39:31 -0500
- To: "Joseph Hui" <jhui@digisle.net>, <www-ws-arch@w3.org>
We're getting way off topic for security, but ... Reprising a theme I just used in the D-AG0016 thread, it's not within our scope to design a web services transaction system, but we might want to reference the OASIS BTP work. And what we (in a WG yet to be formed) ought to do is design a standard SOAP extension (headers) that can be used to convey BTP transaction context in SOAP messages. Anne > -----Original Message----- > From: www-ws-arch-request@w3.org [mailto:www-ws-arch-request@w3.org]On > Behalf Of Joseph Hui > Sent: Wednesday, March 13, 2002 10:36 AM > To: www-ws-arch@w3.org > Subject: RE: D-AG006 Security > > > > From: David Orchard [mailto:david.orchard@bea.com] > [snip] > > Joe, > > > > Do I understand correctly that you believe that the web services > > architecture should define something in the area of two phase > > commit for web services as a goal? > > Dave, > > No, heck no. 2PC is a mechanism for TP, and it's not > even for sure that TP should be in our WS-Arch. > (Recall we don't mechanisms. They'll be left to > the implementers.) > > BTW, The TP was a "while at it, ..." sidebar in my response to > Roger on RM in security. (I snipped out that part of the text > while trying to keep the message more readable. Perhaps I should > have kept the text to keep more context for the readers.) > Anyway, I'm not even championing for TP to be in. But if someone > else chooses to champion for it, then that's fine with me. > I'm easy about this one (and RM as well). > > Cheers, > > Joe Hui > Exodus, a Cable & Wireless service > =================================================== > > > > > Cheers, > > Dave > > > > > -----Original Message----- > > > From: www-ws-arch-request@w3.org > > [mailto:www-ws-arch-request@w3.org]On > > > Behalf Of Joseph Hui > > > Sent: Tuesday, March 12, 2002 3:49 PM > > > To: www-ws-arch@w3.org > > > Subject: RE: D-AG006 Security > > > > > > > > > > -----Original Message----- > > > [snip] > > > > Or are you talking about the idea of "rolling > > > > back" a transaction if it fails ... > > > > > > This type of course -- one atomic operation, do all or > > > do none -- the type that generally employs 2-phase-commit > > > algorithms. > > > > > > Joe Hui > > > Exodus, a Cable & Wireless service > > > ========================================= > > > > > > > > -----Original Message----- > > > > From: Joseph Hui [mailto:jhui@digisle.net] > > > > Sent: Tuesday, March 12, 2002 4:14 PM > > > > To: Cutler, Roger (RogerCutler); Krishna Sankar; > > www-ws-arch@w3.org > > > > Subject: RE: D-AG006 Security > > > > > > > > > > > > > -----Original Message----- > > > > [snip] > > > > > Could we possibly consider putting reliable messaging into > > > > > the security bucket? > > > > > > > > I don't think so. There's no security primitives that > > > > would fit the bill of reliable messaging (RM), which I sometimes > > > > characterize as "layer-7 TCP" where a session between two > > > > endpoints may span > > > > over several time-serialized connections, disconnections, > > > > reconnections. > > > > AG006 may include securing RM, but not RM per se. > > > > > > > > While at it, let me mention that if you want to include > > > > RM in WS-Arch, then you may as well not leave out transaction > > > > processing. > > > > > > > > [snip] > > > > > it is a natural > > > > > progression of thought: "I'm worried about who the author of > > > > > the message > > > > > is, whether it is distorted, and that IT ACTUALLY GETS THERE". > > > > > > > > ^^^^^^^^^^^^^^^^^^^^^^ There no > > > > security primitives that can guarantee data arrival. > > > > > > > > Joe Hui > > > > Exodus, a Cable & Wireless service > > > > > > > > > > > > > > > > > > > > > > >
Received on Wednesday, 13 March 2002 11:39:38 UTC