The Web Services Interoperability Organization (WS-I) on Tuesday announced availability of the WS-I Basic Security Profile Working Group Draft, an early version of what is intended to be a guide for use of standards in the development of interoperable Web services.
Feedback is sought on the proposal. WS-I plans to finalize the security profile by mid-year.
The profile focuses on interoperability and addresses transport security, SOAP messaging security, and other security considerations for the WS-I Basic Profile 1.0 and 1.1, Attachments Profile 1.0, and Simple SOAP Binding Profile 1.0. The security profile references specifications such as OASIS Web Services Security 1.0.
Additionally, the profile focuses on interoperability characteristics of HTTP over TLS (Transport Layer Security) and Web Services Security: SOAP Message Security. X.509 certificate technology also is incorporated into the profile. Plans call for adding Kerberos technology. SAML and XRML technologies also may be featured.
The draft can be reviewed at http://www.ws-i.org. Feedback can be submitted to firstname.lastname@example.org.
WS-I includes members such as IBM, Microsoft, SAP AG, and Sun Microsystems.