- From: Rich Salz <rsalz@datapower.com>
- Date: Fri, 30 Sep 2005 10:19:07 -0400
- To: Matt Long <mlong@mvsquared.net>
- CC: Jose Kahan <jose.kahan@w3.org>, W3C XKMS WG <www-xkms@w3.org>
> Suppose a service requires the use of ds:KeyName for a specific > operation to resolve the correct HMAC keying material for the HMAC > computation. Under such a scenario, the WSDL cannot communicate this to > the client. Therefore, this hypothetical service has a concrete policy > that needs to be understood by a client. Yup, I get it. Yup, you can't do that right now. Some folks would argue WSDL 2.0 'features' let you express this kind of stuff. Some folks would argue that WS-Policy (et al) attached to the WSDL let you express this kind of stuff. I think it's way too early and that yes, out-of-band knowledge about what the serviceURL means is all we have right now. I'm willing to add a paragraph that says this, if you think it worthwhile. /R$ -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
Received on Friday, 30 September 2005 14:15:08 UTC