W3C home > Mailing lists > Public > www-ws-arch@w3.org > November 2002

RE: Latest cut at ws-arch to oasis ws-security tc on wsdl defs

From: Cutler, Roger (RogerCutler) <RogerCutler@ChevronTexaco.com>
Date: Fri, 1 Nov 2002 11:05:46 -0800
Message-ID: <7FCB5A9F010AAE419A79A54B44F3718E016246AD@bocnte2k3.boc.chevrontexaco.net>
To: "'David Orchard'" <dorchard@bea.com>, www-ws-arch@w3.org

Looks great to me.

On the typo/wordsmithing front, WSDL needs to be capitalized at the end of
the first list point.  Second paragraph, "recommendation as TO".  Next
sentence, "it is our opinion" (no "of").

-----Original Message-----
From: David Orchard [mailto:dorchard@bea.com] 
Sent: Friday, November 01, 2002 11:50 AM
To: www-ws-arch@w3.org
Subject: Latest cut at ws-arch to oasis ws-security tc on wsdl defs



Please review the following, your comments welcome but also hopefully this
will be the last version before it goes to the oasis ws-security tc.

Dear OASIS WS-Security TC,

The W3C Web Services Architecture Working Group would like to express its
concern around the lack of WSDL definitions for WS-Security elements in the
first version of the WS-Security product.  As a best practice, members of
the web services architecture group believe that WSDL definitions should be
part of any specification of SOAP Modules.  We would like to encourage the
WS-Security group to take up this piece of work in the first version of its
product.  It appears that the issue is not so much the "goodness" of such a
thing, rather the timing is the issue.  There are a variety of rationale for
including description in v1: 1) To ensure that the runtime aspects can be
described in a reasonable manner - it would be unfortunate if some headers
were difficult to describe in wsdl; 2) To promote interoperability.  The
importance of WSDL for interoperability is evident by the prominent place
that WSDL has in the W3C Web Services Activity and the WS-I Basic Profile.

We were made aware of the significant range of possible description.  We
don't think it appropriate to venture into your domain and make a
recommendation as the extent of descriptions that should be provided
- such as trusted authorities, etc.However, it is of our opinion, though we
could easily be mistaken, that a simple description of the required WS
Security elements in a given message is probably doable in a reasonably
short time frame.  We are certainly not advocating a large (year or more)
delay in schedule.

On behalf of the W3C Web Services Architecture Working Group, Dave Orchard
Received on Friday, 1 November 2002 14:06:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:25:10 GMT