- From: David Orchard <dorchard@bea.com>
- Date: Wed, 16 Oct 2002 08:36:10 -0700
- To: <www-ws-arch@w3.org>
Hi all, I wanted to potentially raise an issue around liaison with oasis ws-security. ws-security does not currently provide wsdl definitions for the security elements exchanged. There is a discussion list around describing qualities of service. I think it would be a good thing to ask oasis ws-security tc if they could provide wsdl definitions as part of their v1 output. Obviously this is a very delicate area, and we don't want to annoy them. If there isn't a strong majority within our group, then I wouldn't want to proceed either. This certainly appears to be an architectural area. It appears the key issue is around timing of when to provide description - either at the same time as the soap definitions or later. I think this is also a "web service spec" best practice - Descriptions should be provided at the same time as runtime extensions. Some potential wording suggestion "Dear OASIS WS-Security TC, The W3C Web Services Architecture Working Group would like to express it's concern around the lack of WSDL definitions for WS-Security elements in the first version of the WS-Security product. We would like to encourage the WS-Security group to take up this piece of work in the first version of it's product. It appears that the issue is not so much the "goodness" of such a thing, rather the timing is the issue. There are a variety of rationale for including description in v1: 1) To ensure that the runtime aspects can be described in a reasonable manner - it would be unfortunate if some headers were difficult to describe in wsdl; 2) To promote interoperability - bodies such as W3C and WS-I believe that interoperable descriptions are a requirement to interoperability. " Cheers, Dave
Received on Wednesday, 16 October 2002 11:41:12 UTC