RE: D-AG006 Security

Alan,

	They can be dissociated. IMHO, they are orthogonal. I do agree
that trx does need duplicate elimination, but it can do that at the trx
layer if the delivery layer cannot guarantee uniqueness.

	And yes, they are not in the security requirements.

cheers

 | -----Original Message-----
 | From: www-ws-arch-request@w3.org 
 | [mailto:www-ws-arch-request@w3.org] On Behalf Of Alan Davies
 | Sent: Tuesday, March 12, 2002 2:50 PM
 | To: www-ws-arch@w3.org
 | Subject: RE: D-AG006 Security
 | 
 | 
 | I don't think guaranteed once-only delivery can be 
 | dissociated from other
 | transactional characteristics - we are talking about 
 | transactionality here,
 | are we not?  
 | 
 | If so, I don't think it belongs in the security pot...
 | 
 | Regards,
 | 
 | Alan Davies, SeeBeyond.
 | 
 | -----Original Message-----
 | From: Cutler, Roger (RogerCutler) 
 | [mailto:RogerCutler@chevrontexaco.com]
 | Sent: Tuesday, March 12, 2002 1:33 PM
 | To: 'Krishna Sankar'; 'Joseph Hui'; www-ws-arch@w3.org
 | Subject: RE: D-AG006 Security
 | 
 | 
 | Could we possibly consider putting reliable messaging into 
 | the security
 | bucket?  I realize that it's a bit different from most of 
 | the things you are
 | talking about, but I think that it is really, really important.  From
 | talking to our eCommerce types I am getting the strong 
 | impression that this
 | is likely to be the biggest inhibiting factor to adoption of 
 | web technology
 | for mainline business functions.  It also seems to me that 
 | although the
 | technology might be different from other security concerns, 
 | it is a natural
 | progression of thought:  "I'm worried about who the author 
 | of the message
 | is, whether it is distorted, and that IT ACTUALLY GETS THERE".
 | 
 | So perhaps:
 | 
 | AG006.8  Reliable delivery - mechanism for guaranteed 
 | once-only delivery of
 | messages to or from web services.
 | 
 | -----Original Message-----
 | From: Krishna Sankar [mailto:ksankar@cisco.com] 
 | Sent: Thursday, March 07, 2002 8:51 PM
 | To: 'Joseph Hui'; www-ws-arch@w3.org
 | Subject: RE: D-AG006 Security
 | 
 | 
 | Joseph,
 | 
 | 	Let me start adding spirit to the discussion (and be 
 | the champion
 | for spirits):
 | 
 | 	I think the requirement is a little too general. I 
 | would prefer it
 | to be spelled at some point. So summarizing your message, 
 | may be we could
 | say :
 | 
 | 	AG006.1 : Address Integrity
 | 	AG006.2 : Address confidentiality
 | 	AG006.3 : Address transfer of context between web services
 | 	AG006.4 : Address transfer of credentials between web services
 | 	AG006.5 : Address exchange of assertions between web 
 | services (This
 | is SAML's domain. I think it will be good for us to address 
 | this at the
 | architecture level)
 | 	AG006.6 : Address trust models (Everything has a trust model -
 | either explicit or implicit. We might as well address this. 
 | BTW, trust model
 | is what we could influence the most)
 | 	AG006.7 : Address Privacy 
 | 
 | cheers
 | 
 |  | -----Original Message-----
 |  | From: www-ws-arch-request@w3.org 
 |  | [mailto:www-ws-arch-request@w3.org] On Behalf Of Joseph 
 | Hui  | Sent:
 | Thursday, March 07, 2002 5:40 PM  | To: www-ws-arch@w3.org  
 | | Subject:
 | D-AG006 Security  | 
 |  | 
 |  | Hi all,
 |  | 
 |  | As the volunteered "champion" (during today's telecon) for 
 |  | one of the WSAWG goals, "AG006 -- addresses the security of 
 |  | web services across distributed domains and platforms," I 
 |  | wish to solicit your interest in starting and sustaining a 
 |  | "spirited" discussion on web services security.  The primary 
 |  | objective (of the discussion) is to confirm the stated goal 
 |  | by *rough* consensus, and refine it (the goal, not the 
 |  | consensus ;-) if necessary.  The secondary objective is to 
 |  | harvest the upshot of the discussion and turn it into 
 |  | something we can use in near term for identifying "Critical 
 |  | Success Factors" -- whatever that may mean to you -- and 
 |  | requirements. Hopefully, by being mindful of the objectives, 
 |  | we can keep this thread reasonably focused.  However, please 
 |  | don't let the objectives adversely constrain your will to 
 |  | express.  You're welcome to disregard the objectives and 
 |  | throw in whatever you see fit in the spirit of doing good 
 |  | for web services security.
 |  | 
 |  | To get the ball rolling, let me start with the goal 
 | statement itself:  | 
 |  |    AG006 -- addresses the security of web services across
 |  |             distributed domains and platforms.
 |  | 
 |  | Q to all: Is the goal set to your satisfaction?  
 |  |           Too broad, too narrow, too ...?
 |  | 
 |  | Answers/comments?
 |  | 
 |  | 
 |  | To flesh out AG006 a bit more in terms of its 
 | implications,  | we can
 | give it another whack at what addressing the web 
 |  | services security (WSsec) should entail in the architecture 
 |  | WS-Arch) to be designed.  Based on some previous discussions 
 |  | fragmented across several threads in www-ws-arch@w3.org, an 
 |  | assertion can be made that attaining goal AG006 entails 
 |  | addressing six security aspects in computing:
 |  |    1) Accessibility;
 |  |    2) Authentication (of ID and data/messages);
 |  |    3) Authorization;
 |  |    4) Confidentiality;
 |  |    5) (data) Integrity; and
 |  |    6) Non-repudiation.
 |  | 
 |  | Comments?  
 |  | 
 |  | 
 |  | Closely related to security is (the issue of) "trust."
 |  | We shall have a security framework alright. The question is: 
 |  | should we include trust modeling as a part of the 
 |  | framework's design, (e.g.. what trust model(s) to recommend 
 |  | or adopt for web 
 |  | services,) thus trust is a part of AG006; or should we deem 
 |  | "trust" outside the scope of AG006, thus we may need a 
 | separate goal?  | 
 |  | Answers/comments?
 |  | 
 |  | 
 |  | Also, there was the mention of "privacy" in the charter, 
 |  | right next to security.  Privacy can mean different things 
 |  | in different contexts, ranging from preventing one's home 
 |  | address disclosed to a web merchant from being sold to 
 |  | junkmailers to keeping one's ID anonymous in transactions. 
 |  | I wasn't at the WS workshop last April, so have no clue
 |  | what that was about.  Can someone shed some light on what 
 |  | the "privacy" is supposed to mean in our WS-Arch context, so 
 |  | we can determine whether it will be appropriate to lump it 
 |  | into AG006, or set a separate goal for it, or whatever?
 |  | 
 |  | Answers/comments?
 |  | 
 |  | 
 |  | Please chime in.
 |  | 
 |  | Thanks,
 |  | 
 |  | Joe Hui
 |  | Exodus, a Cable & Wireless service
 |  | 
 |  | 
 | 
 | 

Received on Tuesday, 12 March 2002 20:24:40 UTC