Yes. use of HTTPS and mutual authentication is not a MUST. But an
instance may require it. If an instance requires use of HTTPS R5001 applies
See R5000, R5001 and R5010 [1]
-vivek.
[1]
http://www.ws-i.org/Profiles/BasicProfile-1.1-2004-08-24.html#HTTPSBase
Ryan LeCompte wrote:
> From the WSI 1.1. Basic Profile specification:
>
>
>
>
> 4.7.2 HTTP Transport
>
> The profile limits the underlying transport protocol to HTTP.
>
> R2702 A |wsdl:binding| element in a DESCRIPTION MUST specify the HTTP
> transport protocol with SOAP binding. Specifically, the |transport|
> attribute of its |soapbind:binding| child MUST have the value
> "http://schemas.xmlsoap.org/soap/http".
>
> Note that this requirement does not prohibit the use of HTTPS; See R5000.
>
>
>
> http://www.ws-i.org/Profiles/BasicProfile-1.1-2004-08-24.html#HTTP_Transport
>
> I think this answers my question.
>
> -- Ryan
>
>
> ------------------------------------------------------------------------
> *From:* Ryan LeCompte [mailto:ryan.lecompte_at_pangonetworks.com]
> *Sent:* Friday, November 19, 2004 1:05 PM
> *To:* 'users_at_jax-rpc.dev.java.net'
> *Subject:* WSI 1.1 Compliance
>
> Hello all,
>
> Do any of the actual WSI/WSDL specs specify that a particular web
> service endpoint/client has to support HTTPS as a transport mechanism
> in order to be fully compliant? Also, if HTTPS is called out in the
> spec, does it imply that two-way SSL (mutual authentication) must also
> be supported?
>
> -- Ryan
>
--
Vivek Pandey
Web Services Standards and Technologies
Sun Microsystems Inc.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_jax-rpc.dev.java.net
For additional commands, e-mail: users-help_at_jax-rpc.dev.java.net