The Open Geospatial Consortium (OGC) seeks public comment on the OGC Web Services Security Candidate Standard.
For years various implementations of OGC Web Services have integrated some degree of security through Information Assurance (IA) controls . However, these implementations break interoperability, as they each extend the functionality of OGC Web Service (OWS) standards differently. As such, interoperability between secured OGC Web Services and clients is limited to systems custom-built to work with an IA implementation.
The objective of the OGC Web Services Security Standard is to allow the hosting of OWS on HTTPS, the implementation of IA controls and to advertise its existence in an interoperable way with no impact to existing implementations using a backwards-compatible approach. No changes to existing OGC Web Services standards are required. The approach used in this candidate standard is based on existing functionality in the OGC Web Services Capabilities document in a consistent manner.
Uptake of the standardized approach as a build-in to new OGC Web Services standards will ensure security interoperability.
Comments can be submitted to a dedicated email reflector for a thirty day period ending on the "Close request date" listed above, Comments received will be consolidated and reviewed by OGC members for incorporation into the document. Please submit your comments using the following link: requests [at] lists.opengeospatial.org (Click here to submit comments) The link provided above should include a standard template in the message body. If the preloaded message body does not work properly using your mail client, please refer to the following template for the message body: Comments Template