[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Binary XML
- From: Al Snell <alaric@alaric-snell.com>
- To: Stuart Naylor <indtec@eircom.net>
- Date: Fri, 27 Jul 2001 22:37:17 +0100 (BST)
On Thu, 26 Jul 2001, Stuart Naylor wrote:
> My initial interest in XML was due to the pitfalls of using binary
> distributed objects such as COM / CORBA. The protocols worked fine but
> had major problems when presented with a firewall and security settings.
I can confirm that this is purely down to which port it uses.
Using port 80 for your RPCs is a security disaster - firewalls are usually
configured to allow port 80 because no harm can be done by it, presumably.
All the RPCs are supposed to be on different ports, so the firewall admin
can block some of those ports to keep some RPCs local and allow others to
and from the Internet. Putting it all on port 80 will make this impossible
on a port basis; firewall developers will need to complicate their
products (and bugs in firewalls are BAD!) to enable them to look inside
the requests and make policy decisions based upon all sorts of complex
constraints to filter RPCs from Web browsing...
> I am just interested in how binary XML will circum-navigate all the
> security scares that the doom & gloom consultants attach to binary
> methods.
Hmmm... are you getting confused by the problems with Word macros and all
that, perchance? Precisely the same issues arise with HTML email with
embedded Javascript :-)
ABS
--
Alaric B. Snell
http://www.alaric-snell.com/ http://RFC.net/ http://www.warhead.org.uk/
Any sufficiently advanced technology can be emulated in software
- References:
- Binary XML
- From: Stuart Naylor <indtec@eircom.net>