xml-dev - Re: [xml-dev] Generality of HTTP

Re: [xml-dev] Generality of HTTP

[ Lists Home | Date Index | Thread Index ]

To: xml-dev@lists.xml.org
Subject: Re: [xml-dev] Generality of HTTP
From: Paul Prescod <paul@prescod.net>
Date: Mon, 21 Jan 2002 20:15:14 -0800
Cc: Mark Baker <distobj@acm.org>
References: <200201220237.VAA25015@markbaker.ca> <E16SrsT-000147-00@server2000.ebizhostingsolutions.com>

Gavin Thomas Nicol wrote:
> 
>...
> 
> The problem here is security. Once you open things up, you have to
> deal with the issue of disclosure of resources. Intermediaries
> complicate the problem too (already do in the web. Who knows whose
> spoofing whom). 

I don't really know how HTTP makes this any harder than anything else.
At least HTTP has a security model. Security for RPC seems a very
difficult (intractable?) problem. HTTP has a very understandable but
flexible security model. I would say that many services need nothing
more complex than "rwx" ACLs.

> ... Peer-to-peer HTTP is fine for asycnronous work (I POST
> a request, you POST a response), but there are issues in the apparent
> simplicity. Those kinks need to get ironed out before this really
> takes off.

I agree. But the cost of ironing out a few kinks is already dwarfed by
the amount of money that has been poured into SOAP RPC.

 Paul Prescod

Follow-Ups:
- Re: [xml-dev] Generality of HTTP
  - From: Gavin Thomas Nicol <gtn@rbii.com>

References:
- Re: [xml-dev] Generality of HTTP
  - From: Mark Baker <distobj@acm.org>
- Re: [xml-dev] Generality of HTTP
  - From: Gavin Thomas Nicol <gtn@rbii.com>

Prev by Date: Re: [xml-dev] Generality of HTTP
Next by Date: Re: [xml-dev] Generality of HTTP
Previous by thread: Re: [xml-dev] Generality of HTTP
Next by thread: Re: [xml-dev] Generality of HTTP
Index(es):
- Date
- Thread