[
Lists Home |
Date Index |
Thread Index
]
- From: "Dick Brooks" <dick@8760.com>
- To: "Andrew Layman" <andrewl@microsoft.com>, <xml-dev@xml.org>
- Date: Wed, 10 May 2000 16:09:09 -0500
Andrew,
When you say "the headers provide an extensibility framework", does this
mean each implementer chooses their own headers to indicate that a portion
of the payload is encrypted/signed? Does this also mean I can add headers to
indicate compression and other forms of encoding?
Thanks,
Dick Brooks
http://www.8760.com/
-----Original Message-----
From: owner-xml-dev@xml.org [mailto:owner-xml-dev@xml.org]On Behalf Of
Andrew Layman
Sent: Wednesday, May 10, 2000 12:38 PM
To: xml-dev@xml.org
Subject: RE: SOAP, plague, love
As Mike suggests, the headers provide an extensibility framework. They
provide a place for security information, and should be composable with the
XML signature work done at the W3C.
-----Original Message-----
From: Mike Sharp [mailto:msharp@lante.com]
Sent: Wednesday, May 10, 2000 10:10 AM
To: xml-dev@xml.org
Subject: Re: SOAP, plague, love
That's what the SOAP Header element is for, to provide for just such a
mechanism, in a transport neutral way. For a simple example, put your PGP
public key in the header element of your request, and I'll return an
encrypted
response in the body. Same goes for authentication. I don't see why the
envelope has to be encrypted, just the contents.
Regards,
Mike Sharp
Yes, it's possible to send SOAP over an encrypted circuit such as SSL, but
SOAP
is supposed to be transport agnostic. How would the encryption be handled
over
SMTP, where there is no SSL?
Dick Brooks
http://www.8760.com/
***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************
|