deriv676 wrote:
> I know about the ways you can express "trust information" in a WS
> service interface. But the key issue is that this information has to
> be true, so it has to somehow be managed by a third (trusted) party
> (some government agency?). Or the track record of delivering orders of
> that seller is available somewhere, again under the control of some
> trusted third party.
>
> What are the ways to deal with this?
There's nothing in place to make this happen, yet from a trusted source
perspective that I am aware of. But, as soon as there is a popular mechanism,
for managing this, in use, there will be hoards of "trustable" sources :-)
The Jinit Extensible Remote Invocation transport layer has the notion of
InvocationConstraint associated with both the calling and called end of an
invocation. This is marker interface and the spec just requires equals() to
work.
So you can in develop a standard for InvocationConstraints that are about this
kind of stuff. A third party, which provides the information, would provide
the
vendor a signed constraint indicating the level of performance for all the
constraints. They would also provide a constraint validator that would use the
public key to validate the data, and then either say yes this constraint is
satisfied by this connection, or it is not. You'd specify this constraint to
your proxy preparer so that it was one of the asserted/required constraints
that
the remote service would have to meet. Any remote interface that could not
meet
that constraint, would not be usable.
Thus, your client could go through each service, trying to invoke it, and find
the first one that works and use it.
Here's a list of constraints that are provided in Jini2.1.
ClientAuthentication, ClientMaxPrincipal, ClientMaxPrincipalType,
ClientMinPrincipal, ClientMinPrincipalType, Confidentiality,
ConfidentialityStrength, ConnectionAbsoluteTime, ConnectionRelativeTime,
ConstraintAlternatives, Delegation, DelegationAbsoluteTime,
DelegationRelativeTime, DiscoveryProtocolVersion, Integrity,
MulticastMaxPacketSize, MulticastTimeToLive, ServerAuthentication,
ServerMinPrincipal, UnicastSocketTimeout
Gregg Wonderly
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/service-orientated-architecture/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
