- From: Joseph Reagle <reagle@w3.org>
- Date: Thu, 30 May 2002 17:27:06 -0400
- To: w3c-security-ig@w3.org, <www-xenc-xmlp-tf@w3.org>
- Cc: <stephen.farrell@baltimore.ie>, hugo@w3.org, <asirv@webmethods.com>, <pbaker@verisign.com>, <Shivaram.Mysore@Sun.COM>, <fallside@us.ibm.com>, <dturner@microsoft.com>
After the discussion regarding the "XML Security Horizon" (at the AC meeting and elsewhere) the obvious question is how to best satisfy the immediate requirement for integrating dsig, xenc, and SOAP. This *should* be straightforward and I've encouraged discussion but evidently absent this work being explicitly part of a chartered activity there won't be much progress because of IPR concerns. There are two potential avenues. 1. Expand the charter of an existing WG. xenc and xkms have been offered as potential candidates. The charters for xenc, xmldsig, and xkms are all due a revision... If we pursue this path, I favor enlarging the scope of xenc since it is already concerned with working with xmldsig in scenarios like SOAP, and if there are any difficult parts of the work, it probably will be related to the attachment/detachment of payloads under signature, which is something the xenc folks are tackling with respect to [1]. 2. I understand the WS Arch WG should be proposing a charter for a full-blood web service security WG. I understand they are aiming for end July. Anyone with thoughts on which specific option you prefer, or expectations regarding the timing of option 2? [1] http://www.w3.org/Encryption/2001/Drafts/xmlenc-decrypt.html -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Thursday, 30 May 2002 18:41:29 UTC