- From: Krishna Sankar <ksankar@cisco.com>
- Date: Tue, 12 Mar 2002 16:37:23 -0800
- To: <www-ws-arch@w3.org>
Ann, Good idea. Do we have an D-AG00x number for QoS ? Like Ann points out, we also need a vocabulary for defining and describing QoS related factors for interoperability. I also would like to add cachability factors in the same bucket. BTW, ebXML would be a good start. I think it is in our charter to work with OASIS and W3C groups on this. cheers | -----Original Message----- | From: Anne Thomas Manes [mailto:anne@manes.net] | Sent: Tuesday, March 12, 2002 4:16 PM | To: Krishna Sankar; www-ws-arch@w3.org | Subject: RE: D-AG006 Security | | | Perhaps we should define a requirement to specify quality of | service, which | would include security, transactions, reliability, etc. | | Although BTP, ebXML MS, SAML, and other technologies address | these areas, | they don't specify how a SOAP message should relay this | information (well, | ebXML does -- but most of the SOAP community doesn't pay much heed to | ebXML). If we're to enable interoperability, at some point | we'll need to | form groups to define SOAP extenstions that specify how to | represent this | information/context in SOAP headers. | | Anne | | > -----Original Message----- | > From: www-ws-arch-request@w3.org | [mailto:www-ws-arch-request@w3.org]On | > Behalf Of Krishna Sankar | > Sent: Tuesday, March 12, 2002 6:01 PM | > To: www-ws-arch@w3.org | > Subject: RE: D-AG006 Security | > | > | > Hi all, | > | > Couple of points : | > | > 1. Message delivery semantics - Once and Once only or at | > most once or best effort - are not under security per se. | They can be a | > consideration in some other "bucket" | > | > 2. Same goes with transactions - in the strict traditional | > sense (distributed transaction with roll back/commit | capability) or the | > new paradigm (a la BTP) with compensating trx et al. | > | > I think in both cases, the architecture can specify placeholders | > for a web service to specify all these attributes. May be | we could refer | > to the appropriate disciplines/initiatives to define the actual | > semantics - BTP (for distributed trx), ebXML (for Reliable | messaging) et | > al. | > | > Secure messaging would be under security. | > | > cheers | > | > | -----Original Message----- | > | From: www-ws-arch-request@w3.org | > | [mailto:www-ws-arch-request@w3.org] On Behalf Of Cutler, | > | Roger (RogerCutler) | > | Sent: Tuesday, March 12, 2002 2:28 PM | > | To: 'Joseph Hui'; Cutler, Roger (RogerCutler); Krishna | > | Sankar; www-ws-arch@w3.org | > | Subject: RE: D-AG006 Security | > | | > | | > | I'm not quite sure what you mean by "transaction | > | processing". I have heard | > | the term used in more than one way. Is the concern | > | essentially to have a | > | mechanism for handling stateful transactions -- for example, | > | to carry state | > | information in the messages? Or are you talking about the | > | idea of "rolling | > | back" a transaction if it fails -- or possibly of initiating | > | compensating | > | transactions? | > | | > | -----Original Message----- | > | From: Joseph Hui [mailto:jhui@digisle.net] | > | Sent: Tuesday, March 12, 2002 4:14 PM | > | To: Cutler, Roger (RogerCutler); Krishna Sankar; | www-ws-arch@w3.org | > | Subject: RE: D-AG006 Security | > | | > | | > | > -----Original Message----- | > | [snip] | > | > Could we possibly consider putting reliable messaging into | > | > the security bucket? | > | | > | I don't think so. There's no security primitives that | > | would fit the bill of reliable messaging (RM), which I sometimes | > | characterize as "layer-7 TCP" where a session between two | > | endpoints may span | > | over several time-serialized connections, disconnections, | > | reconnections. | > | AG006 may include securing RM, but not RM per se. | > | | > | While at it, let me mention that if you want to include | > | RM in WS-Arch, then you may as well not leave out | > | transaction processing. | > | | > | [snip] | > | > it is a natural | > | > progression of thought: "I'm worried about who the author of | > | > the message | > | > is, whether it is distorted, and that IT ACTUALLY GETS THERE". | > | | > | ^^^^^^^^^^^^^^^^^^^^^^ There no | > | security primitives that can guarantee data arrival. | > | | > | Joe Hui | > | Exodus, a Cable & Wireless service | > | | > | | > | | > | |
Received on Tuesday, 12 March 2002 19:37:59 UTC