As part of an extensive review of the ITK Architecture Specifications during the latter half of 2012, a team of representatives from the Centre and the suppliers agreed a number of changes to the way ITK messages are authenticated.
The changes reflected implementation difficulties presented by the nature of the WS-Security header signing specification given current development platforms, and addressed the inclusion in ITK, of multi-hop and non-SOAP transports. Technical details on the reasons for these changes are given in ITK Security Briefing Paper – Strawman Proposals.
The concessions discussed here will form part of the intended refresh and update to the ITK Architecture Specifications planned for completion by autumn 2013.
Releases of this item must be used in conjunction with the ITK Web Services Transport Specification found within the related documents section of the ITK Core releases.
Email questions or feedback to email@example.com.
Released on Wednesday, 9 January 2013.