W3C home > Mailing lists > Public > www-ws@w3.org > March 2002

Security Issues in Web-Services

From: Naresh Agarwal <nagarwal@in.firstrain.com>
Date: Fri, 8 Mar 2002 16:48:45 +0530
Message-ID: <205C5F16CA92F94484F054E94520F4D7048562@mail.in.firstrain.com>
To: <www-ws@w3.org>
Hi

Following encapsulated all the security-related issue, which any
protocol should address to.. 

a) Privacy
b) Authntication
c) Integrity
d) Non-repudiation
e) Access Control (Authorization)


I have some questions about these in the context of SOAP and
Web-Services.

1)  What is the status of XKMS, and which of above mentioned issues it
would  address?  Also which soap implementations currently support XKMS?

2)  What is the status of SOAP-Dsig., and which of the above mentioned
issues it would address? Also which soap implementations currently
support SOAP-DSig.

3)  Are there any other upcoming standards, which would address the
above mentiones issues?

4)  Most SOAP implementation use HTTP as transport protocol and hence
can not use TLS. Is there any soap implementation, which supports HTTPS?

5)  Assuming that the standards like XKMS, SOAP-Dsig. etc would take
some time to get mature, what is the way to address above mentioned
issue in SOAP without using these standards?


thanks,

regards,
Naresh Agarwal
Received on Friday, 8 March 2002 06:18:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:25:40 GMT