W3C home > Mailing lists > Public > www-ws@w3.org > September 2004

RE: WSDL security

From: <paul.downey@bt.com>
Date: Wed, 1 Sep 2004 18:32:59 +0100
Message-ID: <2B7789AAED12954AAD214AEAC13ACCEF2709DB4F@i2km02-ukbr.domain1.systemhost.net>
To: <sanjiva@watson.ibm.com>, <plh@w3.org>
Cc: <huseyin_davut@hotmail.com>, <www-ws@w3.org>
taken, but this really is "eating your own dog food" given most
folks publish their WSDL at a HTTP/S URI (even if that is indexed
using something like UDDI). It might be nice if a stand alone WSDL 
document could be signed.
 
i look forward to seeing WSDLs describing SOAP endpoints which
return the WSDL describing a SOAP service :-)
 
Paul

	-----Original Message----- 
	From: Sanjiva Weerawarana [mailto:sanjiva@watson.ibm.com] 
	Sent: Wed 01/09/2004 16:27 
	To: Downey,PS,Paul,XSJ67A C; plh@w3.org 
	Cc: huseyin_davut@hotmail.com; www-ws@w3.org 
	Subject: Re: WSDL security
	
	

	Why?? You can sign and encrypt it when you're sending it over
	SOAP for example. Why do we need something in WSDL itself?
	
	Sanjiva.
	
	----- Original Message -----
	From: <paul.downey@bt.com>
	To: <plh@w3.org>
	Cc: <huseyin_davut@hotmail.com>; <www-ws@w3.org>
	Sent: Wednesday, September 01, 2004 9:19 PM
	Subject: RE: WSDL security
	
	
	>
	> that's an interesting point. maybe how a WSDL document itself may be
	signed
	> and/or encrypted should be raised as a Last Call comment to the WSD WG?
	>
	> Paul
	>
	> -----Original Message-----
	> From: Philippe Le Hegaret [mailto:plh@w3.org]
	> Sent: 01 September 2004 15:57
	> To: Downey,PS,Paul,XSJ67A C
	> Cc: huseyin_davut@hotmail.com; www-ws@w3.org
	> Subject: RE: WSDL security
	>
	>
	> On Wed, 2004-09-01 at 10:52, paul.downey@bt.com wrote:
	> > AIUI this falls into an area called "Policy", and such policy
	> > assertions may be described in WSDL 1.1/2.0 using an extension
	> > mechanism such as WS-SecurityPolicy [1] or possibly directly in the
	> > WSDL 2.0 language using "Features and Properties".
	>
	> Not necessarily. One might want to sign a WSDL document for example or
	> encrypt it for security reasons.
	>
	> Philippe
	>
	>
	
	

Received on Wednesday, 1 September 2004 17:32:45 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:25:46 GMT