[Bug 3708] Updated Security Considerations section in framework document: Add mention of use of XML Signature to sign policy from bugzilla@wiggum.w3.org on 2006-09-13 (public-ws-policy-qa@w3.org from September 2006)

From: <bugzilla@wiggum.w3.org>
Date: Wed, 13 Sep 2006 15:01:42 +0000
To: public-ws-policy-qa@w3.org
CC:
Message-Id: <E1GNWFC-0002zZ-Hd@wiggum.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=3708





------- Comment #1 from frederick.hirsch@nokia.com  2006-09-13 15:01 -------
In template format:

Description - Update security considerations section of Framework to include
discussion of XML Signature use as well as additional security considerations
from Primer

Justification - Core document should include informative Securiity
Considerations section. Integrity protection and source authentication provided
by XML Signature in non-messaging context should be included as consideration.

Target - WS-Policy Framework [1]

Proposal:

1) Add sentence at end of current section 5 (Security Considerations):

Policies may be signed using XML Signature to provide integrity protection and
origin authentication, especially in contexts where message security is not
appropriate.

2) Incorporate  security considerations listed in contributed primer into
Framework document. See Appendix A in PDF referenced in
http://lists.w3.org/Archives/Public/public-ws-policy/2006Jul/0001

Test: review of section

[1]
http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;%20charset=utf-8

Received on Wednesday, 13 September 2006 15:02:57 UTC