- From: Alex Ceponkus <aceponkus@bowstreet.com>
- Date: Wed, 6 Dec 2000 14:09:44 -0500
- To: xml-dist-app@w3.org
DR046 is currently in the 'application semantics out of scope' section. At first, it might seem that it is a duplicate of DR608. However, DR608 deals with security frameworks that pertain to protocol bindings, like SSL. DR046 deals with the flip side, the security frameworks that would be layered on top of XP and which would be considered application semantics. For example, XML Signature, S2ML and AuthXML would fit this description. DR046 currently reads: " xml protocol should work well with popular security mechanisms. Issue (i.046.01): Popular ones are smime/ssl/digital signatures. Issue (i.046.02): For example SSL, SMIME, DSIG. " We might want to consider a rewording to something like the following: "XML Protocol should not preclude the use of application defined security mechanisms." As with DR124 and DR125, DR305 seems broad enough that it might engulf this one. Any suggestions? Useful links... S2ML: http://www.s2ml.org/ AuthXML: http://www.authxml.org/ IETF/W3C XML-Signature WG: http://www.w3.org/Signature/ Oasis Security Services Technical Committee: http://www.oasis-open.org/committees/security/index.shtml Alex
Received on Wednesday, 6 December 2000 14:14:28 UTC