509, and the RP supports only Kerberos, there??™s no way for the
two to engage in a transaction, at least until one of the two acquires
a capability compatible with one of the other party. The
negotiation protocol cannot perform miracles and instantly
make Italians speak Chinese; however, it is still useful for gaining
knowledge of the requisites. It is important that the negotiation
phase be embedded in the Metasystem, instead of being left
as an explicit integration task to the parties, so that the format in
which requirements are expressed is as formal as possible and
the stage is completed without imposing burdens on the parties??™
implementers. In the section ???WS-* Implementation of the
Identity Metasystem,??? we describe WS-MetadataExchange, a
concrete example of a negotiation protocol that enables querying
web services for dynamically discovered policies.
Because the Metasystem does not de?¬?ne an authentication technology
of its own, reaching an agreement on that requirement is
a necessary condition for any transaction to take place. It is also
important, however, to make sure that all parties understand
other kinds of requirements less bonded to implementation details.
Pages:
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223