- From: Ahmed, Zahid <zahid.ahmed@commerceone.com>
- Date: Wed, 24 Apr 2002 16:12:35 -0700
- To: www-ws-arch@w3.org
I'm not sure to what extent we have factored in the latest
WS-Security specification and WS-Security Roadmap document
that IBM, Microsoft, and Verisign recently published.
See:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnglobspec/
html/ws-security.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwssecur/h
tml/securitywhitepaper.asp
E.g., w.r.t.
>The description of a web service SHOULD include security policy.
There is discussion of a future WS-Policy specification, among
a range of additional security extensions.
thanks,
Zahid Ahmed
Security Architect
Commerce One, Inc.
408-517-3903
-----Original Message-----
From: Joseph Hui [mailto:jhui@digisle.net]
Sent: Wednesday, April 24, 2002 3:45 PM
To: Austin, Daniel; www-ws-arch@w3.org
Subject: RE: Web Services Architecture Requirements 23 April 2002
Hi Daniel, Sharad, & Abbie,
I presented the following during the F2F group summaries and later
in a www-ws0arch message [1] addressed to the editors, but they all
seemed to have gotten lost. So here they go again.
* In AC0006.3, the parenthesized text ("to be executed by
security mechanisms") should be deleted.
* There should be the addition of D-AR6010:
The description of a web service SHOULD include security policy.
[I'd think there should be a similar requirement for Privacy,
e.g. "The description of a web service SHOULD [or MAY?]
include privacy policy." I'll defer this to Hugo the Privacy
champion though.]
Also, why were the MUST's in D-AR600* replaced with must's?
Note that Section 1.2 says the doc uses the RFC 2119 convention.
Regards,
Joe Hui
Exodus, a Cable & Wireless service
[1] http://lists.w3.org/Archives/Public/www-ws-arch/2002Apr/0085.html
=======================================================================
> -----Original Message-----
> From: Austin, Daniel [mailto:Austin.D@ic.grainger.com]
> Sent: Tuesday, April 23, 2002 1:29 PM
> To: www-ws-arch@w3.org
> Subject: Web Services Architecture Requirements 23 April 2002
>
>
> Gentlebeings,
>
> I've uploaded the most recent version of the
> requirements document
> to:
>
> http://www.w3.org/2002/ws/arch/2/wd-wsawg-reqs-04232002.html
>
> This version incorporates many changes from our
> discussions both at
> the face to face meeting and on the telephone and in the
> mailing list. This
> version is intended for publication as a Working Draft upon
> approval of the
> W3C.
>
> Here is a (partial) list of the changes in this version:
>
> * removed user scanrios section
> * added top-level goals from f2f
> * relettered prior goals to CSFs
> * modified each CSF to reflect current wording and requirements
> * removed some sections
> * reworked document organization and structure
> * changed from editor's draft to working draft
> * updated status section
> * lots of other small changes.
>
> There are still some issues with this version:
> * numbering is irregular
> * list formatting is inconsistent
> * analysis matrices not yet added
> * document text needs coherence
> * does not yet pass publication validator at W3C
>
> Please send comments and feedback to the list! Thanks to Chris,
> Hugo, and of course Abbie and Sharad for all the hard work.
>
> Regards,
>
> D-
>
> **************************************************************
> *********
> Dr. Daniel Austin, Sr. Technical Architect
> austin.d@ic.grainger.com (847) 793 5044
> Visit: http://www.grainger.com
>
> "Sapere Aude!"
>
>
>
>
Received on Wednesday, 24 April 2002 19:12:54 UTC