W3C home > Mailing lists > Public > www-ws-desc@w3.org > July 2005

RE: [LC76c] Security Considerations proposal

From: Tom Jordahl <tomj@macromedia.com>
Date: Sun, 17 Jul 2005 20:18:11 -0400
Message-ID: <39A72E1EBF03EB44AACFD8036D1489F9DF7436@p02exm01.macromedia.com>
To: "Jonathan Marsh" <jmarsh@microsoft.com>, <www-ws-desc@w3.org>

+1
Sounds good and wiggle-room-esque.

Tom Jordahl
Macromedia Server Development 

-----Original Message-----
From: www-ws-desc-request@w3.org [mailto:www-ws-desc-request@w3.org] On
Behalf Of Jonathan Marsh
Sent: Wednesday, July 13, 2005 10:23 AM
To: www-ws-desc@w3.org
Subject: [LC76c] Security Considerations proposal


Per our AI re LC76c, Amy and I propose to:

Add a new Adjuncts section 2.4 as follows:

2.4 Security Considerations

Note that many of the message exchange patterns defined above describe
responses to an initial message (either a normal response message or a
fault.) 

Such responses may be used in attempts to disrupt, attack, or map a
network, host, or services.  When such responses are directed to an
address other than that originating the initial message, the source of
an attack may be obscured, or blame laid on a third party, or may
enable or exacerbate denial-of-service attacks.

Security mechanisms addressing such attacks may prevent the delivery of
response messages to the receiving node.  Conformance to the MEP is
measured absent these security mechanisms.
Received on Monday, 18 July 2005 00:50:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:36 GMT