W3C home > Mailing lists > Public > www-ws-desc@w3.org > February 2002

RE: Collected Requirements

From: Dale Moberg <dmoberg@cyclonecommerce.com>
Date: Wed, 13 Feb 2002 12:22:13 -0700
Message-ID: <9551E76040A2604BBD331F3024BFEA48EF6049@SEMINOLEVS2.cyclonecommerce.com>
To: "Jonathan Marsh" <jmarsh@microsoft.com>, <www-ws-desc@w3.org>
Thanks very much for the list!

Maybe DR003 covers this, but I would like to 
see the issue of trusting a WSDL doc. treated.

I would like to see XMLDsig used in signing
some/all of a WSDL doc. Best practices for
signing MUST be documented (canonicalization
transforms, XPath selectors, etc). This allows
for "a" trust implementation even though
specific WSDL distribution services may add
additional trust related functions and 
practices. I don't think trust should be
entirely left to server side SSL authentication
on the services themselves. I would probably
be willing to leave this function out of the
"core" functionality, because some client 
configuration WSDL driven tools might not care
about issues of trusting WSDL input.

-----Original Message-----
From: Jonathan Marsh [mailto:jmarsh@microsoft.com]
Sent: Wednesday, February 13, 2002 10:10 AM
To: www-ws-desc@w3.org
Subject: Collected Requirements


Enclosed is a document that collects the requirements posted to this
list, for the purposes of assigning numbers to each requirement.
Received on Wednesday, 13 February 2002 14:22:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:18 GMT