FYI WS-I has released a working draft of "Security Scenarios". It's a pretty decent read and I know the topic comes up enough on the list... it may give some an idea of where WS security is heading and maybe expose some limitations that exist today in theory and practice...
http://www.ws-i.org/Profiles/BasicSecurity/2004-02/SecurityScenarios-0.15-WGD.pdf :-) Thunder
