I agree 100% with his analysis. reading it also encouraged me to pay more attention to WS-I as its profiles could evolve into the guiding standards for the 2nd generation WS specifications, like W3C is for the 1st generation.
I know Tarak would agree that although the WS-* standards are confusing, but are, in fact, manageable. I assume he would also agree that these standards are, in fact, required for some distributed systems. and I do agree with him that keeping Web Services applications as simple as possible is the best way to avoid the confusion and complexity of WS-*. But I would also caution that ignoring a WS-* standard that performs a function you need could mean trouble down the road if/when a large number of other systems are built around the standard, and you'll have to play catch-up to be able to work with them.
</div>
I definitely did not intend to promote the notion that most WS-* specifications are to be ignored. That would be irresponsible of me. And you are correct that a lot of the specifications can be used for creating robust distributed systems around Web Services, which is why they were created. That is also reason #1 in my article "KISS your Web Services". But at the same time not all distributed systems require all of the WS-* specifications either. For example, I just rolled off a large project that makes heavy use of Web Services in a distributed environment using only basic SOAP and WSDL. Of course a lot of design went into the effort (this is key). Security and identity info was conveyed thru SOAP headers. I could have used WS-Security, but the complexity was not justified for various reasons. Finally, until a core set of second generation Web Services specifications are univerally accepted/ratified, it's hard to create systems that will support all possible candidates. So use what you need now and leave the future where it should be... in the future.
The only web services I've done have just used basic SOAP and WSDL as well, though I haven't done any mission-critical web services projects yet. I think one of the best reasons for NOT going with WS-Security or another WS-* standard is indeed the fact that none of the 2nd-generation WS specifications are universally accepted.
I hope in the near future I will be needing some kind of security or other feature so I can seriously look at the standards in comparison to a real-world project need. I'll have a much better perspective as to the pros and cons of the standard, and a better way to look at how WS-I is trying to fix the confusion.
Thanks again for stopping by.