[
Lists Home |
Date Index |
Thread Index
]
- From: "Dick Brooks" <dick@8760.com>
- To: "Dave Winer" <dave@userland.com>, "XML-Dev Mailing list" <xml-dev@XML.ORG>
- Date: Fri, 5 May 2000 17:58:59 -0500
Dave Winer said:
>In fact SOAP and XML-RPC are no more or less secure than CGI scripts.
Actually Dave, CGI implementers can apply as much or as little security into
a CGI script as needed. For example, every business transaction sent via the
Gas Industry Standard Board (GISB) Electronic Delviery Mechanism (EDM) is
encrypted and digitally signed prior to transmission. I don't believe
XML-RPC nor SOAP include privacy, authentication, integrity or
non-repudiation capabilities. IMO, the GISB EDM standard is far more secure
and a better B2B solution than XML-RPC and SOAP.
Dick Brooks
http://www.8760.com/
-----Original Message-----
From: owner-xml-dev@xml.org [mailto:owner-xml-dev@xml.org]On Behalf Of
Dave Winer
Sent: Friday, May 05, 2000 4:48 PM
To: XML-Dev Mailing list
Subject: Re: SOAP, plague, love
In fact SOAP and XML-RPC are no more or less secure than CGI scripts.
When you're putting up public Internet apps, or private ones that people
could sneak into, remember Murphy's Law and think paranoid.
Dave
***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
|
