A pet peeve of mine lately is the mis-labeling of the WS-* protocols (WS-Security, WS-Policy, etc...) as “WS-I Protocols”.
The WS-I organization is simply an industry group that provides guidance to people interested in IMPLEMENTING web services and web services toolkits. This guidance (in the form of specifications) is intended to help guarantee interoperability among the various web service implementations.
Specifications like the Basic Profile 1.0 from the WS-I are basically a list of existing protocols and implementation 'rules' intended as guidance to help the rest of us know what will work together. If a product/technology is represented as being BP 1.0 compliant, we should feel somewhat confident that it will be able to talk to another BP 1.0 compliant ws messaging stack.
The protocols included in the WS-I specification come from standards bodies such as the W3C, IETF, OASIS and others. WS-I does not 'create' the protocols, just the guidance on which ones to use and how to use them in order to obtain some level of interop comfort.
If this is now clear to everyone else out there, I apologize for the ranting.