I know you all get annoyed with high level articles, but I felt it was important to get one out there that simply went after the high level benefits of WS-Security and why you would want to use Web Services Enhancements (WSE). I compiled a slew of internal and external discussions and worked with Benjamin Mitchell to get this article written. Tell me what you think. What benefits have you gained? Are they in line with what is compiled in this article?
In my mind, the two most powerful new concepts that did not exist in previous distributed computing infrastructures in the Web Services Architecture is Policy and Message Level Security. I describe policy simply i.e. the ability to describe how you communicate with a services beyond what data to send e.g. your security requirements. As far as Message Level Security is concerned, I love:
What strikes you about Message Level Security and policy?