5.1 Security Considerations for Implementers

  • Article

The Web Services Management Protocol Extensions for Windows Vista uses the WS-Management Security Profiles, as specified in [DMTF-DSP0226] Annex C.3.

The Web Services Management Protocol Extensions for Windows Vista service have to authenticate the request by using one of the configured security profiles. See section 2.2.4.34 and section 3.1.4.1.29.2 for more information on configured profiles.

The Web Services Management Protocol Extensions for Windows Vista service have to authorize the request by using the RootSDDL configuration setting specified in Server Configuration Data Types (section 2.2.4.2).

The Web Services Management Protocol Extensions for Windows Vista clients are required toimplement the following security profiles:

  • wsman:secprofile/http/basic, as specified in [DMTF-DSP0226] Annex C.3.1.

  • wsman:secprofile/https/basic, as specified in [DMTF-DSP0226] Annex C.3.3.

  • wsman:secprofile/https/mutual, specified in [DMTF-DSP0226] Annex C.3.5.

  • wsman:secprofile/https/spnego-kerberos, as specified in [DMTF-DSP0226] Annex C.3.8.

  • wsman:secprofile/http/spnego-kerberos, as specified in [DMTF-DSP0226] Annex C.3.10.

  • wsman:secprofile/http/digest, as specified in [DMTF-DSP0226] Annex C.3.2.

  • wsman:secprofile/https/digest, as specified in [DMTF-DSP0226] Annex C.3.4.

The Web Services Management Protocol Extensions for Windows Vista service have to implement the following security profiles:

  • wsman:secprofile/http/basic specified in [DMTF-DSP0226] Annex C.3.1.

  • wsman:secprofile/https/basic specified in [DMTF-DSP0226] Annex C.3.3.

  • wsman:secprofile/https/mutual, specified in [DMTF-DSP0226] Annex C.3.5.

  • wsman:secprofile/https/spnego-kerberos specified in [DMTF-DSP0226] Annex C.3.8.

  • wsman:secprofile/http/spnego-kerberos specified in [DMTF-DSP0226] Annex C.3.10.<142><143>

The Web Services Management Protocol Extensions for Windows Vista service can implement the following security profiles:

  • wsman:secprofile/http/digest, as specified in [DMTF-DSP0226] Annex C.3.2.

  • wsman:secprofile/https/digest, as specified in [DMTF-DSP0226] Annex C.3.4.