[
Lists Home |
Date Index |
Thread Index
]
- From: Edd Dumbill <edd@usefulinc.com>
- To: Dave Winer <dave@userland.com>
- Date: Sat, 6 May 2000 15:02:42 +0100
On Fri, May 05, 2000 at 02:56:31PM -0700, Dave Winer wrote:
> BTW, Coffee's comments are utterly irresponsible.
>
> "That is a choice that no firewall can keep you from making, unless a
> network administrator applies draconian measures such as barring all e-mail
> other than simple ASCII text files -- and even this defense is bypassed by
> Microsoft's proposed XML-based Simple Object Access Protocol, whose
> active-content messages are expressed in streams of what looks like simple
> text."
Coffee's invocation of SOAP here doesn't work for me. I don't see SOAP
as having "active-content" messages. What is passed is simply an XML
document. If you got a SOAP message in your web browser or your email
client, you'd just see XML, plain and simple.
Yes, there are going to be security ramifications with exposing SOAP
network services, that is common to exposing any network service.
The (in)security of SOAP will be down to the implementors. If MS choose
to make SOAP pervasive then they'll have to work hard to make sure the
security is tight. The experience of the Zope crowd may be useful here,
as XML-RPC is pervasive in their system.
Ah, the dangers of Turing-complete mail readers.
-- Edd
***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
|