W3C home > Mailing lists > Public > www-ws-arch@w3.org > May 2002

RE: D-AR006.10 discussion points

From: Joseph Hui <Joseph.Hui@exodus.net>
Date: Wed, 8 May 2002 08:52:30 -0700
Message-ID: <45258A4365C6B24A9832BFE224837D551D1BF7@SJDCEX01.int.exodus.net>
To: "Darran Rolls" <Darran.Rolls@waveset.com>, "wsawg public" <www-ws-arch@w3.org>
> -----Original Message-----
> From: Darran Rolls [mailto:Darran.Rolls@waveset.com]
> Sent: Tuesday, May 07, 2002 9:33 PM
> To: wsawg public
> Subject: RE: D-AR006.10 discussion points
> 
> 
> On the assumption that "description" refers to WSDL, I'd like 
> to re ask
> the CMPQ question below?
> 
> --------------------------------------------------------
> Darran Rolls                      http://www.waveset.com
> Waveset Technologies Inc          drolls@waveset.com 
> (512) 657 8360                    
> --------------------------------------------------------
> 
> 
> -----Original Message-----
> From: Christopher Ferris [mailto:chris.ferris@sun.com] 
> Sent: Saturday, May 04, 2002 8:59 AM
> To: wsawg public
> Subject: D-AR006.10 discussion points
> 
> WVST: This is very vague.  Security policy means a lot of different
> things.  I apologize if I missed this one, but when we say 
> "description" what do we mean?

The description of a security policy.
Are you trying to tempt someone into talking [mechan]isms? :-)
 
> SYBS: To be discussed whether all Web Services need to have a
> security policy.

Discuss we may.
I believe it's a foregone conclusion, which reflects the
reality, that NOT "all Web Services need to have 
security policy."
 
> W3C: See
> http://lists.w3.org/Archives/Public/www-ws-arch/2002May/0013.html

The text uses SHOULD.  For those that don't need security, just
say NO its sec desc.

> ORCL: SHOULD->MUST, security is important enough that every WS must
> have a security description, even if it is <no security>

Maybe.  It the WG's consensus goes along, then the upgrade
will be in order.  (One may argue that <no security> can be
assume by default, i.e. the absense of a sec pol desc implies
<no security>.)

> CMPQ: Should the description of a Web Service be in the scope 
> of WSDL WG rather than WSA?

I'd say primarily in WSDWG and secondarily in WSAWG.
Recall I mentioned in the telcon the week prior
to publishing the req draft that it'd be critical to get this
req into the draft for the public to discuss ASAP because the
adoption of the req would necessitate liason efforts between
WSAWG and WSDWG specifically for this req.

Joe Hui
Exodus, a Cable & Wireless service
Received on Wednesday, 8 May 2002 11:52:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:24:59 GMT