- From: Dale Moberg <dmoberg@cyclonecommerce.com>
- Date: Wed, 13 Feb 2002 12:22:13 -0700
- To: "Jonathan Marsh" <jmarsh@microsoft.com>, <www-ws-desc@w3.org>
Thanks very much for the list! Maybe DR003 covers this, but I would like to see the issue of trusting a WSDL doc. treated. I would like to see XMLDsig used in signing some/all of a WSDL doc. Best practices for signing MUST be documented (canonicalization transforms, XPath selectors, etc). This allows for "a" trust implementation even though specific WSDL distribution services may add additional trust related functions and practices. I don't think trust should be entirely left to server side SSL authentication on the services themselves. I would probably be willing to leave this function out of the "core" functionality, because some client configuration WSDL driven tools might not care about issues of trusting WSDL input. -----Original Message----- From: Jonathan Marsh [mailto:jmarsh@microsoft.com] Sent: Wednesday, February 13, 2002 10:10 AM To: www-ws-desc@w3.org Subject: Collected Requirements Enclosed is a document that collects the requirements posted to this list, for the purposes of assigning numbers to each requirement.
Received on Wednesday, 13 February 2002 14:22:50 UTC