W3C home > Mailing lists > Public > xml-dist-app@w3.org > December 2000

DR046 -- Application Semantics and Security

From: Alex Ceponkus <aceponkus@bowstreet.com>
Date: Wed, 6 Dec 2000 14:09:44 -0500
Message-ID: <27D6DE55E78ED411872100B0D049008D2E01CE@bst-mail01.pnh.bowstreet.com>
To: xml-dist-app@w3.org
DR046 is currently in the 'application semantics out of scope' section.  At
first, it might seem that it is a duplicate of DR608.  However, DR608 deals
with security frameworks that pertain to protocol bindings, like SSL.  DR046
deals with the flip side, the security frameworks that would be layered on
top of XP and which would be considered application semantics.  For example,
XML Signature, S2ML and AuthXML would fit this description.

DR046 currently reads:
"
xml protocol should work well with popular security mechanisms. 
Issue (i.046.01):

Popular ones are smime/ssl/digital signatures.

Issue (i.046.02):

For example SSL, SMIME, DSIG.
"

We might want to consider a rewording to something like the following:
"XML Protocol should not preclude the use of application defined security
mechanisms."

As with DR124 and DR125, DR305 seems broad enough that it might engulf this
one.

Any suggestions?


Useful links...
S2ML: http://www.s2ml.org/
AuthXML: http://www.authxml.org/
IETF/W3C XML-Signature WG: http://www.w3.org/Signature/
Oasis Security Services Technical Committee:
http://www.oasis-open.org/committees/security/index.shtml


Alex
Received on Wednesday, 6 December 2000 14:14:28 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:57 GMT