[
Lists Home |
Date Index |
Thread Index
]
Perhaps before we take up a petition, all concerned developers
could write a position paper outlining the concerns and possible
remediations and alternatives. This paper could be submitted
to the WSIO although I am not sure by who or what. It would
be best if a grassroots work is picked up by say, OASIS or
even the W3C or both. It is a positive move and contributes
rather than detracts. The WSIO says its mission is to
ensure interoperability. Part of interoperability is
safety and security. We would be helping. My guess is
these threads and the summaries at XML.COM could be the
basis for such a position paper. Perhaps xml.com and
o'reilly could sponsor this.
The WSIO can blithely ignore it, but it would be a
public work and useful if the dire predictions of
Prescod et al come to pass.
len
-----Original Message-----
From: Michael Brennan [mailto:Michael_Brennan@Allegis.com]
> From: Bullard, Claude L (Len) [mailto:clbullar@ingr.com]
<snip/>
> I'm sold on
>
> 1. Training before development of web services.
> 2. Inspection prior to deployment of web services.
> 3. Security testing suites.
> 4. Properly constructed contracts for web services
> that include security provisions and remediation clauses.
>
> Which is how the best will do business anyway and buying
> less than quality is a mistake to begin with. I think that
> list above is a good one for the WSIO to consider.
That sounds great to me.
> I'm not sold on but convinced that web services will result
> in some web service business types becoming regulated businesses
> just as the utilities are. It will take some years and
> a change of administration for that to happen, and probably,
> a catastrophe to get their attention.
Yeah, and unfortunately I think you are right that it will take a
catastrophe -- and even then they will most likely botch it. The government
doesn't have a good track record of *intelligent* regulation of
technology-related matters. Anti-hacker efforts, for instance, seem to have
put more whistle-blowers and good-samaritans in jail then malicious hackers.
It would be wise for the industry to get out in front of this issue. It
would be very wise for the WSIO to take this up.
|