New OGF document published in the Recommendation track: GFD-R-P.131 Title: Secure Addressing Profile 1.0 Author/editors: D. Merrill Abstract: The WS-Addressing 1.0 -- Core specification is often used to address Web Service resources using endpoint reference (EPR) data structures. The WS-Addressing definition of the EPR describes the encapsulation of the network protocol and endpoint information for a given resource, but does not specifically indicate how the EPR can also be used to convey the secure-communication mechanisms (and ancillary security tokens) required by that resource. Such security requirements can be described using WS-Security Policy 1.2 policy documents. This profile document normatively refines the WS-Addressing 1.0 -- Core specification in order to facilitate the inclusion of such WS-SecurityPolicy assertions within WS-Addressing endpoint references. It is often the case that WS-Addressing EPRs may be stored and exchanged by any number of intermediaries (such as directory services) before being consumed for actual communication. With this in mind, a particular interaction scenario may require guarantees of trust regarding the identity of the minter and the integrity of the EPR. This document also normatively describes how XML-Signature is used provide such guarantees. View and download OGF documents here: http://www.ogf.org/gf/docs/?final -- Greg Newby, OGF Editor Dr. Gregory Newby, Chief Scientist of the Arctic Region Supercomputing Center Univ of Alaska Fairbanks-909 Koyukuk Dr-PO Box 756020-Fairbanks-AK 99775-6020 e: newby AT arsc.edu v: 907-450-8663 f: 907-450-8603 w: www.arsc.edu/~newby