|
|
|
Rift Threatens Web Services Security Spec
By: Darryl K. Taft
2002-10-07
Article Rating: / 0
There are 0 user comments on this Enterprise Applications story.
Rift Threatens Web Services Security Spec (
Page 1 of 2 ) An emerging rift among supporters of a proposed Web services security specification could slow the ratification of the standard and hamstring enterprises trying to settle on a way to make Web services transactions safer.
Microsoft Corp. and IBM, which, along with VeriSign Inc., published the original Web Services-Security specification, are now in two camps that have contrasting views over what should be done with the specification, also known as WS-Security.
The specification, which came under the control of OASIS, or Organization for the Advancement of Structured Information Standards, in June, defines a set of SOAP (Simple Object Access Protocol) message headers, which are designed to ensure Web services application integrity.
Microsoft, of Redmond, Wash., and companies such as Iona Technologies Inc., of Cambridge, Mass., which are members of OASIS WS-Security Technical Committee, want to push the specification through as is. They contend it is complete enough to give users the security they need now for Web services and can be improved later.
However, officials at IBM, Sun Microsystems Inc., Commerce One Inc., Entrust Inc. and Cisco Systems Inc., among others—and also part of the technical committee—said they believe more needs to be added to the specification. A short list of additional features includes some form of extensions for WSDL (Web Services Description Language) that would enable developers to express how to control the level of encryption, the type of encryption and what gets encrypted. This faction is proposing a Quality of Protection working group to investigate what other additions the specification may need before being released.
"We need the ability to comprehensively control Web services security as it relates to specifying a Web service at design time using WSDL and at run-time using SOAP [and] WSDL," said Zahid Ahmed, XML Web services architect at Commerce One, in Pleasanton, Calif.
The WS-Security Technical Committee may discuss these issues in a conference call meeting this week.
|
|
�������x}r㶲s\@♵M푦d[�kŶ,xMT(��S$�IVr�e��oHKL&{Ɩpi�Fh|Ggg�D�0 pE1�>�yΤ.w߽�!dߛF0m�TE[��Ϡ^�ȈZ#�}wu�9�����;�;#|6�9߽w
A:|@vD��)5'Ӡ5ߙ QcW6g2zʼn9m2�f��E63GE�^�Q�x�yG`aFA<�Q܇CѺ�8�QQ��w,8$ayc�$a��L$tob�QY
��)+Jd/B(?c�s�?C=|'Ț�_h@a5w0vK]K_�n�CQ��eK֠}l�v�i!h�
��!�g�ݻ�H͠L@d jI::�`iTi11܋��Hч(�@g`wX�SVP֣f̴;g�u[g�c=ױ}ǣ��!&�$fF�=~0[��Q�O�+�.m4ZI1'C8:)X ۱2˭��]2��C}t;m�g�E-2GlR�ۄؼ�?0�}�$�O�L�E��7
ؗ�Y֍aE�Yh@�YZkuE9,}h�Um8e��2-Q}/sj_.;gW��([0�u]+i0��n{'Owy@α�{A~A7"�DT*jZ*�ΒDCa�:b= uz�P��%oP~y)ڡVR\ꇣ$0L"�AK�3zĢ>�Q}?M-~k~>EF,��sA4
衊Ġ+W:k֟19zqszr|qӹ54Y�0�9�;R^ٗ{$�NWm2
ǣ1)H|S: Y��t7QZ,/�dR&rZ~@X*V�� Qh�F5
x��%�2Ȍc�Pu��t��C;H}ƚNmҔ�
�)B!aF�`u{n5
@̀k��fk�PX��T`k4�R� 9lb���vf�y�M)o�dr!CU�C�Z9nVȨ9E�SA�EI7CD� r<#�|!XsI��((�G��c�{fws
9t�epv��}�^nVՉ:YX[u5fjZnY?�iYw9yn?^OH{⧋vІ%�����F
,I�!e%�VG%UGVݏUU*P\?,CEe_U�
8ʕ�85n!S[�ö@�.���s+(~��>(�#@>O=�51m;�>�D#ʠ�:괱b{\gf&�hC:}ҍ:LZ ���wb�H[
sX� >$�n탊�J$�>6�ZЉ�χ��˦MfB:�{ǻ�ښA�"(QС4}мa���y�jQ]�*~s`�=�d}
�w�,�߃9�#馥�M�T<�ģ|D }p
C|'s\(L7^"��2(%%E2� D�EM�i�@(�P!$�-4`��r����-l�bo(OH�XZp։p
T6=�H:w&@T�*es㕰RN飲B�^�/_�
2[3CE外ɴh4Z�*?ȉ#�"0�9X����
4gj
h��uc�}\V�5mZO4iMhȄ-�G�n]]ye�l`a��D��%LEw\,O�V�Xsq?7�߀x�Es;J�h`p=XͰ b՜�兏e�5���dѬeB7g
�Ʃ9
\
�W?fx,���qٛ:uVw]ˤF|a) lqF!
+=Ͱ'q\Ý =5q
؇��å&|Uz�I2ۿi
|T!]�\qα�r�B&�k:H(A3�bmy�3�0e[�
kKFM&WQ֙�y)5_M�T$�3(Q2���ӧ�L�E+)I�:3-�h�8E4W-{%ZdYj?EI��T*{ەi]jk-�R�W�7�Bʶb/άl0tjQtTV0R��HH*6@\Z3-#��%."�?ԉW0Z�OpSw{�K5ǰ^\큢�K*+G&,-s5^��a�5sv@���d@��h�`� �DolvCbx5�^zǎ�As,\OT�Z|�mPT�zP��;u��'�JiX�$l
M3r�&\�$(e�8��,[b){��Wб�3a|ec;m�eKKq>Om��V!҇� {LrCmP�Ǧ�"}Zd!ӮW+�,Z!?�ՊRR�$'� �q/#Y
��h�Tر,>�1h}6[u{ABWMK�Ӟ��#瀚b��N!3pPS@1�"N�;/t/U�#/Oј.#
��{�D�Te6f�MT_�P-lt|pE% i�4Q.)J5A�)` L] TFSy��0$u`m��>(cpF,`^V��.^@>C��%%@�Pб"FaK�鬡aKUѫSOm{hA��y-h\>,*'~Ö'"!hG=<6?fCU^f��"ZTblxcCjvXVk�oVX��9�)�3KG0Ɓ3��S\�;u4�-cge@o(��@gf-!WAG�UTe���1_0י� i��̸T*I;D#���w�%
'�L-`���fQ=/YQ��mc1��8�D"pLΨ'?x]@1p�em��`�}ɲI�Tё�I�eA:�<ݐ늦��ln`{Y�0�>AC5"h��!��{3�E�6YҚ� o�;@+%5-|
?Ԋ���kt)D���~d71SF
Ma�f�k}�YP~Wּs�Aco^q��Lj��B:GdH���#PaNT:ɢ.1�՟$PS*eYS!bW
hę�f�~g˪��gay�Ϥ͋�|5]|l9sHNq采Lk�sP�sQ�,��V-0��3kF_H]'~4N_�:&F}^D
�ϓGjZ%1ߖ409E�W�|��)3p35AaϘɗ玾_!c�
�JGx}n|/�U;A�9Xhb5F�J9��ޥx�P͜��P7@y #kU��^ �q�ɕN_ 9{o$*,3 㪧RQ�u@V �3ˁ#_.�QX�z�[VUe@5yH3m
9
=EZЋ1GKL.^8��q�?TYe)(@q�c@@fuR/ʖpK%4e3/�.9@غ<�y}���Hw▴Fu8X'̔-$h5%-QXu@�j:��U!neU�uZ]J֟'a�uvLؙy�(Fߋ]�WeRTR33L�Mn@p���Ośn�3A
|(U˚V��*j�٘ȅi�0F�P�R���yH�P?l��^*~
d>C���`t>V�X8��'?�lgH #
�+S��~!RHC+#I ���Uq�� gwPDR
f�3 991t/x{qqwo�zՕݷ K�
� ��$^E�1`w};W^^����VCr|8Gq��z}cq 2
}E\u@*�v-?~<:��m~71%|˾FIM $ȅ��X�Np��CfOճ2urҹ ]:lay�zp0\��!9аQ^�8��K%y_;$˶u�߽��9$x�!;�.�X��G^9>o�OM1���fpRb^�sF#w҃a++�H��H!u,5'�t^t%�֓}q�!qjP��3:SwT�+[�Z\�fłBAZ��(��@�R`OH5['#N:JvZfp="��Bt�X�1u�e�}E/c)%Q\(HO�,v>^8Q�%l7 FWE'K;tu{-&��2}m1џ.W`�m�%cIdnkf+eI'O{GH
y�
?9/g�!IB8Q�(n1�x�A\~j_��i�Ԏ(%T�\
/���?m[ė{,�/�=�;SN�$M(�iatKb��.ɔrJ4:<�A�2elO&y=%lQ1 i(KBi%�l"C*]7'�һj]npV�Pto6+Psa붱��yx59*i�(5�~u�.�H�>bG)-�GH
T䵤�
W[ɲ*$�?v�Ƈ!�hqb��wy�~@0G�W倜�b{~T߯I;`=ұGE~#ѴNxM��ĉ#*qYBK+:Q� C�W��./�v�6gFȢ&i{�?�d®%)A�/g�x9[�R�sr�MδE�{�Omh_D(PQ�ESrc��W}0�;*/"�'=K$DÙ馍CL.I߾&3�
+=F���=g�7o��m�T�2#|G$c:�I"�IQU֭EdU)I=Y)DW㻑)C�^G�xL_/@�oǥ�4LZ{~cq�U~(�R�.o.˭\.s2ǵP#�v%ދsq8́qV�)"y�6K`!jv.b5/v�UL&��mquOyc Om�?a"K�rm�G��
?�*4h�g�azS`gƅ=R3��#�@�*y�x�\v�]w71&pQx666�y��)1hTRwo7�lf8�w
��F'�FiO�X��w+O�*?Wc#ޚU>�9d/�7wmf�?/6FU)�cqԴ'_ŕh
ʰ(1Q.Dw{�{s
�? 7E2>DǷQ)��qvϩq_>�W�hjx(n|��ڔ#N斸4\s
SŊ+7�/� e1�"Q(�ջ)@I=I�I3LBaɼޏYy9dfo>P�m5K6w2d@c^h )UCV�@r̳�CL'
4�侍c$nk'lE~��0n!6YY�a�#.gνwV[&Gp�T�Agt&qK�JcuL5���BS+aI,3,�vT;ɒ.:��$�x֥&/˵\\AD�q9*v�oW\H&P<�e,>�ɺD|�_/"��^%w[NOj�:/]{)U<$^�Ute!��+GP�>�0Y]�,�-(����!�SSr�O'}��v9F6hR&/�搠R$"d\ )Ƿ{.��:xu�}?ךx)RZ�!F` �K�X|f�WA�GOKIն}IU%)]^.;}���=��TÒz>�/��HJ
�P�B����(_�=c𑒰Xڞ\ԍXK�ցe-�9`XvȘ���Fߚ,r(�A��a�AB�_92BEjRޔ*/ES.nOΨJ�S�8¢$
C��A D��@
�zqo1e"T$uc�Ѵ�|wԢ/U'9c�Rw�
3Z��5T'P?%s��nsR[J��zDS{:�GYk$^=le;�>Ah�ҙ�HG �T ˗Xv8,A0��@��!���(Dw$Et�yc��ي<(S4-4�$�!�-�Қ/�jC:}1#,�-˜?|{B�7xnI,wA��ݖḏ�&G����x�e�!�D�=�+'Wݐ^^φ�ݗ.�RǠTjud)> t�ŭ>X�>�#ҧᎥ��5E$IZ?c?H�*�Vĕ;ƹO�e8G�p�k}Џޒ�RYɘ=My/*b��Fd zތ>fK�7777@Ziu�VJ�+�R0�X�e<ݴ3��{r,Ӡ�1� R!��A@�"��A@쌊�H٫��sǭ1�"ekL4ַi# >S|&1AC�Q�H�O�a4Y#jf|iST%NU��;
jD@۽ζޙw�y�"ޢ�U�x貇z}CPp�:]yίt��^Y�IǺ5bPa�V�~jcj0rVfϭ�u@�ؠ�,�A4�pX⤿"~B<��뼾MjTȿ��>���ԟS*7U|M4þ�@ttD� !Ko?!x67,v�رǞ\0ܞB�*�R;6'q�GʄU&Qe*3K\kZ�2pԛ�A/m:jFUN� K"1t�G|E-KDݯf֟3pɴa7»yUfg7^�4>4WwY:G�
;P*�?tN�䎽u�d
��ş
_\z'�yT))�h�<5!p��_`B/1�Zǃ�ax��
g!9(��43h�~wЃd62C�./$��m
Z!��ߤ��m_m���G<+
5Ո+{�"Zvm-6љsGW}eX -_Y�gkT��� d&pj2QY'2b?$Q3
ƹ)�~0\",�k�$3aD�+5z/~|p{0KǠ{Ktػ�" 8wiQ /|j~~i//m~'�l�-�'
j/",k;�pO�}a+E3(hMVLm �90z�и�l�="|m8GN�9~>w1G�G�:f�]=[�E���|Qo|Պ�[N+iҡ,X`%��\k>%cOC
g�A&+up'4zaS��@�amI��Yt�pjSFe
f4j��S�u&3F[�鏉zT#?
ML)`G%�BB~0g�A@wwJҩ�&��#bk���D1PS߳\�{��q'�Hr {*Dh;»bTޯ*֜rc[AH�>SSձv2J~_t���\�
�waB(�h�F#IA��wy4o~D?�S9E=1wG>�%&8΅o�{)94i>3�%"&�Jj��id�}$F!t�EϹgD��h�긾\��[���aZ_�[֓3r�h!&sjȧVS|<&�]ZXuZ�{�f@]���&>g�-E(�([�3H�uP��dѳPUP*$�`/�?bTy
�G<)F<�+�&L8h;�bOV=��ںrX+ ~Kmy�5�JrS5�0�Z}Β��qѫE]TX�zX؟�sZ՝�bk<;X?B�2�ئƗZi�TH�p*�G-4��s�"�`6jUmnhk��3~�yqݗ'5*���Ņ�{�`��rs|B偹IL�':�gۍ�~d䕊V.իuZ40p*dc8f?�h �\�z9~Z<ۍ�k�tLt3!>v$�/N�0s{EF^@G�,l6cJrBg+v"m7\%�p+p|{ڊ�o4JzK(ӘAL�Oa��rۺm{�itr4 茦��kYX{0adՄd#jO55}�bxk�@�6cY*f&3ZKi�B;�#�F<1E�:M($)�
T�bЍ�B9OM;I�P}3Y?d=`��'2t/x{q�BJ�=L�~C#hMlÇz�|W:�Nh|'O�^c[�Њ_�>�oIׄQT1w� :{ᛒWZ-��G��_
�6aVFGZq)G)|�}o G#d2z�ޘ�xA8e�#�o�ʊWH7��}�H[g'郀tZꈁ$+e슃B�(�a��FB�@q47H�9l~��V�=3Gym"��|�yh;fQ`�?�}tCR�~.�5$�d��V�>�< x7tXdC��M��]%|ɗtC_�
|9ˠ#kN�1H3/�57?__}Q�՝��c��0䖩US1,�0)�k�MQ(pxi|��wv$��,���@אI�`lƞ3#xHJ
1��a
^´G֜ iu=r�v�r,/Gt/G>u;WXj��
�!�1�g昱GiX$_=��$��@t�R�(b�WE�d�7�@��4G4(Ϗ�B6D���KJTi$z�s�>6�S�40uA:@"\2�GA~2?
:�R�/��5~�:tQS=1U&�}�+$nN��wKM ᅈr$��!%�H$b{=9~)3AҽdzL~Ssˈ�_`��d��Bc�J])0%T
��_3�ʰ�LXU+ʗ���@�ͪg2�q&JZ �J�{�AFA
dh{߃J�7SJS��k۷���grڽ&-rznǣu^y�/;a[k�N|Uw'WO;e<5=X kym21^�
Γ^�9l]283Ks!Yx�9�K��xu�<
/�EL�yx&6n/~�D0/�& F^�-Àec১ urr|lť6N#g%^�N�%ǎ#uԢ@oAK�e>4
5�+U��p���4ħ�yOB3TyD}Qu�x3�
-VN~�9H�I;'�O�?9���!cvY?t.s+4�<�>v͋_�_�^�s��E/>/r�">G/s ?AYN? �9��{3?9s w3]7]?��͑/W@�W9q�r_�\O�����诟CA?�}}̡O)/�)g|�rw�7y@79{��wCɵNr!oY
7NoR�8G9B(^*U�ykOy<߇�yVU ?^`k�W9x
挿
{�9;k?�t'}и�CJWTVLY[lOм�z'JJܓs+Z`~H\]%ds+er6VD=ןcbM�x{,y�J5z�G P��x��m4Dpz�+c@V7��/#^"T�v�v_C1�C�}��f@)w%�b'[{8�z5��'Q?0}qUɤ�i!�f5
桮u̿6'cOЙ�G� ?n
3�q�d7��+��x�qfڔ�C*XIb|33�7r8Hτ[֢wi�|!SB%��
faG:hԞ/{nnbv�'*v\='V!�S YryѻKdg!X)4S�Ǭy@{�}�!j4e:QP/ipx�W)Ӆ�F.������;�v�uV
-?L��?R6Q-c[���.϶{3[;!sk�up�+��)/Հ`m�[?|b#tfL~��.=�S/�9�ty'�W�x43�rS&"5l }_�|n��k��UC3�!A�'Tfg1�6AXRagJ(e�`'Կ�ug���:-C�})L9��H|Q\��kE�eב�e$&N��+�Lɂđwl�F�t8�3G�b}+,RDնZ+F2}jQwب}r:WXsa���YƄ)Նq�xi+PUE0P;Cb�suHL&Ma-��LOkd9Hr%z�u h&.7#�&*�xOX�2Ntx>�=�|nZQؖ�9@6a璷�;�HyE҆_N/&�%|CbF8]x�
"!_R a
�G^|m��B�@:�>C-
�Q
11��&,ڎNM[G�e.Lc0ŴBC_��Z
Q�/~j]O(Ck
�GL��e`m`gh�|��#�nԱ�w���O 7���ooiMv-jLī
J��9٭��/�p,^Zf h|�}́ XsCQ�%7
�=[�u�sVn� ]��r@](����&�\�Tjџf��ѩCvlX@cy`�\3�M`��2#�!*�^�x�9�`]|˼kAў(X�n0w>L��#]ZFc`p
ۂ{ʐ�Xh[���J@)�tnO˟˰��AVx3AEO�K^��rEX�ջ"q:#@Ѻ�v��"�!a|�^nїn-/9@~�b�ٛ�G�m;q3r�eM����RmQ?�pK�ؖE�dM��߶S3pߜ3Q`[_<�t#Q1L)?Hl}=cp�a�|X�� V|+n��/�`h2�uo~�NN70A&mkLȏ,l� [뙗Zg'].Yn4Mb5�"[ݑ^Iidž�WR�ж�5E�3},@a+5\`BO7sSo�+0RO |�-\la�s;}r,s0E�iѼ�;"?㡺_0�kU9s,tj3+�TchGޘ'�,E�1s1�GNg=��Z���{|XK��c.%Ա`=b\8qe�Q3LF�E5rŠ�3a?�U`2M��k�9�2lv.�2X(!�Ŵ"&D0��;'�R:4sh;�[s\TFH6^?t�ft�*�@íōk]�^g"a7��_hy�C?y�bSS2w�ħ$Yw���@��O{r|A>&�:x~ea�� V
|
Enterprise Applications 
