W3C home > Mailing lists > Public > public-ws-policy@w3.org > October 2006

Action Item 110

From: Prasad Yendluri <prasad.yendluri@webmethods.com>
Date: Mon, 23 Oct 2006 13:13:53 -0700
Message-ID: <A3E375FA108EF94496269A5A96AFCAC10701E88B@mailwest-e0b>
To: "'public-ws-policy@w3.org'" <public-ws-policy@w3.org>


This is regarding AI 110 -

AI-110 was given to the editors to, "Review next editors draft to see if
there are any security considerations from framework doc that apply to
attachment doc". This was a result of moving of the security considerations
section from the Primer to the Framework specification.

I have reviewed the security considerations sections in current editors
drafts (see:
<http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0111.html> )
of both Framework and Attachment specifications. The WS-Policy 1.5
Attachment specification already reflects the security
l#SecurityConsiderations>  considerations that are directly applicable to
l#policy_attachment>  Attachments. However it could be useful to add a
sentence that points to the Security
#Security_Considerations>  Consideration Section of the Framework
specification, so that some of the items that are applicable in general are
also pointed to from here (e.g. Spoofing and Tampering and General XML
considerations). There is no need to duplicate that information. A simple
"See also the Security Considerations Section in the WS-Policy 1.5 Framework
Specification", should suffice.







Received on Monday, 23 October 2006 20:14:21 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:33:16 UTC