- From: Timothy N. Jones <tim@crossweave.com>
- Date: Fri, 3 May 2002 10:43:35 -0700 (PDT)
- To: Hugo Haas <hugo@w3.org>
- Cc: www-ws-arch@w3.org
I am also confused about the role of policies in the architecture. The mental model I have is that the architecture specifies the threat model, the security technology provides the mechanisms to combat the identified threats, and particular services provide the policies that utilize and coordinate the mechanisms in particular contexts. Tim > Rereading AC006.1, AC006.2 and AC006.3, I am not sure I understand > what Web Services Security Policies are. > AC006.2 seems like an intermediary step for achieving AC006.3. Is it > necessary? How is it related to "security policy" in D-AR006.10. > Sorry to be going over that again, but it is not crystal-clear to me. > Thanks. > Regards, > Hugo > -- > Hugo Haas - W3C > mailto:hugo@w3.org - http://www.w3.org/People/Hugo/ - tel:+1-617-452-2092
Received on Friday, 3 May 2002 13:44:11 UTC