RE: Security? from Anne Thomas Manes on 2002-02-15 (www-ws@w3.org from February 2002)

From: Anne Thomas Manes <anne@manes.net>
Date: Fri, 15 Feb 2002 13:54:26 -0500
To: "Narahari, Sateesh" <Sateesh_Narahari@jdedwards.com>, <www-ws@w3.org>
Message-ID: <CJEIKEMEBAONGDDNLEKFCEKFDLAA.anne@manes.net>

Thanks for the clarification, Henrik. You're absolutely right. It is not
within the scope of the Architecture group to define security and licensing
mechanisms.

But if you're tuning into the WSAWG discussion on www-ws-arch@w3.org, you'll
notice that security is already a hot topic. My guess for a likely outcome
is that the architecture group will recommend the formation of a security
working group -- but I'm getting ahead of myself.

Best regards,
Anne

> -----Original Message-----
> From: www-ws-request@w3.org [mailto:www-ws-request@w3.org]On Behalf Of
> Narahari, Sateesh
> Sent: Friday, February 15, 2002 12:57 PM
> To: www-ws@w3.org
> Subject: RE: Security?
>
>
> If security is considered a non-functional requirement( an architectural
> quality) for WS technologies it sure belongs in the domain of
> architecture.
> If security is considered a functional requirement( a feature of
> the WS) to
> be addressed seperately, there may be a need to have a seperate working
> group.
>
> I would be comfortable having Arch WG to address this, and ensure that all
> ws technologies consider these aspects. Treating security as a quality of
> the architecture would go long way in making web services successful.
>
> IMO.
>
> Regards,
> Sateesh
>
> -----Original Message-----
> From: Henrik Frystyk Nielsen [mailto:henrikn@microsoft.com]
> Sent: Friday, February 15, 2002 10:23 AM
> To: Anne Thomas Manes; Michele Costabile; www-ws@w3.org
> Subject: RE: Security?
>
>
>
> As a friendly amendment, while it is certainly within the scope [1] of
> the WS-Arch WG to consider security and licensing, it doesn't seem to be
> within its scope to actually define such mechanisms.
>
> Henrik
>
> [1] http://www.w3.org/2002/01/ws-arch-charter
>
> >No formal activity is underway at this time to standardize WS
> >Security protocols. We just recently formed the Web Services
> >Architecture Working Group, and one of the goals of this group
> >is to address security. See http://www.w3.org/2002/01/ws-arch-charter
> >
> >Best regards,
> >
> >Anne Thomas Manes
> >CTO, Systinet
> >www.systinet.com
> >
> >> -----Original Message-----
> >> From: www-ws-request@w3.org [mailto:www-ws-request@w3.org]On
> >Behalf Of
> >> Michele Costabile
> >> Sent: Friday, February 15, 2002 11:37 AM
> >> To: www-ws@w3.org
> >> Subject: Security?
> >>
> >>
> >> There are a lot of emergin models for applying security to web
> >> services, e.g. using SOAP header to transport Kerberos tickets or
> >> licence data. Is W3C working on a common specification for security
> >> and licensing in WS?
>

Received on Friday, 15 February 2002 13:54:42 UTC