http://www.eweek.com/article2/0,3959,290627,00.asp June 27, 2002 By Darryl K. Taft Moving ahead on promises made when they formed the initiative in April, IBM, Microsoft Corp. and VeriSign Inc. Thursday announced that they will submit the latest version of the Web Services Security (WS-Security) specification to the Organization for the Advancement of Structured Information Standards for ongoing development. The WS-Security specification is a leading Web services standards effort to support, integrate and unify multiple security models, mechanisms and technologies, allowing a variety of systems to interoperate in a platform- and language-neutral manner, the companies said. Eric Newcomer, chief technology officer of Iona Technologies Inc., in Waltham, Mass., and a founding member of the working group that will handle the WS-Security standards effort within OASIS, said from his perspective IBM and Microsoft grew "impatient" with the efforts of the Worldwide Web Consortium (W3C) to deliver a standard around security and Web services. Newcomer, a member of the W3C Web Services Architecture Working Group, said the group has been trying to create a security working group at the W3C to no avail. "It's hard to do," he said. However, "I'd say it's a good choice," Newcomer said of the decision to push the standard through OASIS. "They have a good track record" delivering standards, he said. In addition to Iona, many OASIS member companies pledged support for WS-Security, including Baltimore Technologies plc., BEA Systems Inc., Documentum Inc., Entrust Inc., Netegrity Inc., Novell Inc., Oblix Inc., RSA Security Inc., SAP AG, Sun Microsystems Inc., Systinet Corp. and Vodafone Group plc. With this announcement, IBM, Microsoft and VeriSign strengthened their commitment to build and deliver standards-based security solutions, the companies said. The three companies will continue to work together to advance standards-based specifications that will allow for comprehensive Web services security solutions as outlined in the "Security in a Web Services World" road map, which was drafted by IBM and Microsoft in April. "We have to make some progress, and we have to get this stuff standardized," Newcomer said. The WS-Security specification, which provides the foundation for that road map, defines a standard set of Simple Object Access Protocol (SOAP) extensions, or message headers, which can be used to implement integrity and confidentiality in Web services applications. Web services are applications that can be accessed through XML and SOAP-based protocols, making them platform- and language-independent. WS-Security provides a foundation layer for secure Web services, laying the groundwork for higher-level facilities such as federation, policy and trust. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Jun 28 2002 - 04:19:18 PDT