W3C home > Mailing lists > Public > www-ws-desc@w3.org > July 2005

[LC76c] Security Considerations proposal

From: Jonathan Marsh <jmarsh@microsoft.com>
Date: Wed, 13 Jul 2005 07:22:31 -0700
Message-ID: <7DA77BF2392448449D094BCEF67569A508351339@RED-MSG-30.redmond.corp.microsoft.com>
To: <www-ws-desc@w3.org>

Per our AI re LC76c, Amy and I propose to:

Add a new Adjuncts section 2.4 as follows:

2.4 Security Considerations

Note that many of the message exchange patterns defined above describe
responses to an initial message (either a normal response message or a
fault.) 

Such responses may be used in attempts to disrupt, attack, or map a
network, host, or services.  When such responses are directed to an
address other than that originating the initial message, the source of
an attack may be obscured, or blame laid on a third party, or may
enable or exacerbate denial-of-service attacks.

Security mechanisms addressing such attacks may prevent the delivery of
response messages to the receiving node.  Conformance to the MEP is
measured absent these security mechanisms.
Received on Wednesday, 13 July 2005 14:23:27 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:36 GMT