Determining from WSDL if a Web service supports XML signature |
 |
EXPERT RESPONSE FROM: Donald Flinn
|
|
|
| > |
QUESTION POSED ON: 04 November 2003
Can you please tell me whether there is some standard way of determining from the WSDL of a Web service if it supports XML signature and/or encryption? Can you also give me a URL at which a Web service provider is supporting XML signature and/or encryption is hosted?
|
|
| > |
At this time the WSDL specification does not address security. There has been discussion in some of the standards committees about addressing security in WSDL. If you and the readers of this Q&A session would send e-mail to this Web site or to myself relative to this subject, it will give me some ammunition to approach the standards committees to develop a solution to this problem.
Specifically, let me know how important is it to have a means of determining from WSDL whether a service supports XML signature and/or encryption? Further, how important is it to determine from the WSDL document what the crypto algorithms and other details of a digital signature and encryption are required and supported by the service provider or are required by the requestor of a Web service? Is this lack of functionality in WSDL causing problems in developing secure Web service products?
This is a chance for you to influence the evolution of Web services in a positive way, so lets hear from you.
Editor's Note: If you wish to weigh in on this issue, you can e-mail us at editor@searchwebservices.com and we will be happy to forward your comments on to Don.
|
|
|
|
|
|
|
|
Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and
answer pairs from more than 250 TechTarget industry experts.
|
|
|
|
|
|
|
|
|
|
|
|
