-
Feature Request
-
Resolution: Obsolete
-
Major
-
None
-
None
Please vote for WS-SecurityPolicy if this is relevant to your enterprise web services
http://www-128.ibm.com/developerworks/library/specification/ws-secpol/
The recently updated Web Services Security Policy Language (WS-SecurityPolicy) specification defines a set of security policy assertions which apply to Web Services Security: SOAP Message Security, WS-Trust, and WS-SecureConversation. This document takes the approach of defining a base set of assertions that describe how messages are to be secured. Flexibility with respect to token types, cryptographic algorithms, and mechanisms used, including using transport-level security, is part of the design and allows for evolution over time. The intent is to provide enough information for compatibility and interoperability to be determined by Web services participants, along with all information necessary to actually enable a participant to engage in a secure exchange of messages.