[
Lists Home |
Date Index |
Thread Index
]
- From: Andrew Layman <andrewl@microsoft.com>
- To: xml-dev@xml.org
- Date: Wed, 10 May 2000 10:38:15 -0700
As Mike suggests, the headers provide an extensibility framework. They
provide a place for security information, and should be composable with the
XML signature work done at the W3C.
-----Original Message-----
From: Mike Sharp [mailto:msharp@lante.com]
Sent: Wednesday, May 10, 2000 10:10 AM
To: xml-dev@xml.org
Subject: Re: SOAP, plague, love
That's what the SOAP Header element is for, to provide for just such a
mechanism, in a transport neutral way. For a simple example, put your PGP
public key in the header element of your request, and I'll return an
encrypted
response in the body. Same goes for authentication. I don't see why the
envelope has to be encrypted, just the contents.
Regards,
Mike Sharp
Yes, it's possible to send SOAP over an encrypted circuit such as SSL, but
SOAP
is supposed to be transport agnostic. How would the encryption be handled
over
SMTP, where there is no SSL?
Dick Brooks
http://www.8760.com/
***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
|
