Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

WS Specs - Only an amalgam of other XML Specs - So what use?  RSS feed

 
Prasad DV
Author
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
WS Specs - much touted as the ultimate assurance of security in a web service is nothing but an amalgam of various existing XML specs like XML Signature, XML Encryption and XML Key Management specs. So what is new in this? Do we really need one more spec?
I invite comments on this. (However, I would like to reserve my final word on this for a leter post!)
Prasad DV :roll:
 
Juanjo Bazan
Ranch Hand
Posts: 231
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think a good point about WS specs is standarization.
I see it as a good try to set a standard for all the industry, where the big companies are alltogether pointing the same way...
 
Kyle Brown
author
Ranch Hand
Posts: 3892
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
They go a bit beyond that -- the standard SOAP header definitions for one are something that you can't find in the other specs...
Kyle
 
Prasad DV
Author
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Good show! I am counting two for two good reasons for WS Security specs and expect more good reasons to be identified! My last word at the end!!
 
Stanley Tan
Ranch Hand
Posts: 243
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
At the rate all these standards, drafts and other things are coming out, I'm starting to wonder how I'll ever keep up
 
Prasad DV
Author
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Some good reasons for WS Security specs, in my opinion are:
1. Involvement of the bigwigs of the industry and thir commitment
2. Fine tuning of the existing specs to suit SOAP messaging capability (e.g. please see Kyle Brown's posing under "XML Signature - why not Enveloping Signatures for SOAP Messages?")
3. Providing a single point of reference to web service developers rather than making them look at various spec for each aspect of security.
4. Modularity - various aspects are security are placed in different modules all coming within the SOAP HEADER
5. Transport Neutrality and App Domain Neutrality
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!