|
1.
|
Clear description of the referenced document:
|
|
|
|
|
2.
|
Status of approval:
|
|
|
"Final Material" specification approved on 2007-03-30.
|
|
3.
|
Justification for the specific reference:
|
|
|
The OASIS/WS-I Basic Security Profile Version 1.0 is needed for web services security in applications defined in Continua Design Guidelines.
|
|
4.
|
Current information, if any, about IPR issues:
|
|
|
N/A
|
|
5.
|
Other useful information describing the "Quality" of the document:
|
|
|
In existence since 2007.
|
|
6.
|
The degree of stability or maturity of the document:
|
|
|
In existence since 2007.
|
|
7.
|
Relationship with other existing or emerging documents:
|
|
|
N/A
|
|
8.
|
Any explicit references within that referenced document should also be listed:
|
|
|
RFC 2818: HTTP over TLS/
RFC 2246: The TLS Protocol Version 1.0/
The SSL Protocol Version 3.0 (http://wp.netscape.com/eng/ssl3/ssl-toc.html)/
/
Web Services Security: SOAP Message Security 1.0 (WS-Security 2004), OASIS Standard 200401, March 2004/
Web Services Security: SOAP Message Security 1.0 (WS-Security 2004), Errata 1.0 Committee Draft 200512, December 2005/
Basic Profile Version 1.0 (BP1.0)/
Basic Profile Version 1.0 Errata/
Basic Profile Version 1.1 (BP1.1)/
Simple SOAP Binding Profile Version 1.0 (SSBP1.0)/
XML-Signature Syntax and Processing (http://www.w3.org/TR/xmldsig-core/)/
XML Encryption Syntax and Processing (http://www.w3.org/TR/xmlenc-core/)/
Web Services Security: UsernameToken Profile 1.0, OASIS Standard 200401, March 2004/
Web Services Security: UsernameToken Profile 1.0, Errata 1.0 Committee Draft 200401, September 2004/
/
Web Services Security: X.509 Certificate Token Profile, OASIS Standard 200401, March 2004/
Web Services Security: X.509 Token Profile 1.0, Errata 1.0 Committee Draft 200512, December 2005/
RFC2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile/
Information technology "Open Systems Interconnection" The Directory: Public-key and attribute certificate frameworks Technical Corrigendum 1/
/
Web Services Security: Rights Expression Language (REL) Token Profile 1.0, OASIS Standard: 19 December 2004/
/
Web Services Security: Kerberos Token Profile 1.1, OASIS Standard Specification, 1 February 2006/
/
Web Services Security: SAML Token Profile 1.0, OASIS Standard, 01 Dec. 2004/
/
Attachments Profile Version 1.0 (AP1.0) (http://www.ws-i.org/Profiles/AttachmentsProfile-1.0.html)/
Web Services Security: SOAP Messages with Attachments (SwA) Profile 1.1, OASIS Standard, 1 February 2006
|
|
9.
|
Qualification of
OASIS:
|
|
|
OASIS is recognized under the provisions of ITU-T Recommendations A.5 and A.4. Qualifying information is on file at TSB.
|
|
10.
|
Other (for any supplementary information):
|
|
|
Approved originally in 2007 by The Web Services-Interoperability Organization (WS-I), which subsequently merged with OASIS, which now publishes and maintains the WS-I specifications.
|
