OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   RE: SOAP, plague, love

[ Lists Home | Date Index | Thread Index ]
  • From: "David Galbraith" <david@moreover.com>
  • To: <xml-dev@xml.org>
  • Date: Sun, 7 May 2000 08:32:10 -0700

It may be entirely desireable that you use mime to create an indication that
a SOAP message is signed, encrypted etc. but it is surely not a necessity.
You may have a policy that says 'whatever' comes through my firewall must
have a standard envelope around it to identify itself - but then once
through the contents are a separate issue.

The only tricky requirement for exchange as I see it is non-repudiation,
which cannot reliably be done without a third party - however this has
nothing at all to do with XML, and that's what I like!

DG

. . . . . . . . . . . . . . . . .
David Galbraith - Chief Architect
Moreover.com - the webfeed company
david@moreover.com
415-577-8828 (US)
0777-565-8880 (UK)
favorite webfeed:
http://www.moreover.com/xml

> -----Original Message-----
> From: owner-xml-dev@xml.org [mailto:owner-xml-dev@xml.org]On Behalf Of
> Jonathan Borden
> Sent: Sunday, May 07, 2000 10:32 AM
> To: xml-dev@xml.org
> Subject: RE: SOAP, plague, love
>
>
> Dick Brooks wrote:
> >
> > David,
> >
> > If I sent a PGP encrypted/signed document as a call parameter
> > using SOAP how
> > would the receiver know the information was signed/encrypted. Is
> > there a way
> > to indicate the data is signed/encrypted using SOAP constructs?  If not,
> > does this mean I have to package SOAP in another envelope, MIME perhaps?
> >
>
> 	'SOAP' would not need to be packaged in another envelope,
> but the PGP
> signed/encrypted paramater would need to be represented in a way
> that would
> enable it to be inserted into a valid XML document as a sub-tree.
>
> 	This is the exact situation that XMTP
> (http://jabr.ne.mediaone.net/documents/xmtp.htm)
> handles. XMTP is a mechanism to represent SMTP/MIME messages in valid XML,
> as such the XMTP converted PGP document can be inserted into the XML
> envelope as the 'parameter'. What this does in effect is create an XMTP
> document envelope which represents whatever you would otherwise
> represent in
> MIME. E.g. (simplified for readability)
>
> <MIME>
> <Content-type>multipart/encrypted</Content-type>
> <Parts>
>    <MIME>
> 	<Content-ID>document</Content-ID>
> 	<Content-transfer-encoding>base64</Content-transfer-encoding>
> 	<Body>...</Body>
>     </MIME>
>     <MIME>
> 	<Content-ID>signature</Content-ID>
> 	<Body>...</Body>
>     </MIME>
> </Parts>
> </MIME>
>
> 	So, the answer is yes :-)
>
> Jonathan Borden
>
>
> ******************************************************************
> *********
> This is xml-dev, the mailing list for XML developers.
> To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
> List archives are available at http://xml.org/archives/xml-dev/
> ******************************************************************
> *********
>


***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************




 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS