OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] REST has too many verbs

[ Lists Home | Date Index | Thread Index ]

Gavin Thomas Nicol wrote:
> > If you do that, you make it extremely difficult to build
> > intermediaries like:
> >
> >  * store-and-forward services
> >  * caches
> >  * firewalls
> >  * proxies
> >  * message routers
> >  * privacy managing intermediaries
> This is not strictly true.

You say that but your message did not provide any evidence.

> I don't think you can assume that visibility is always a good
> thing.... 

Optional visibility is always a good thing. You can turn it off easily
if you don't want it. SSL is an example of turning it off.

> ... and I would say that in many cases, HTTP 1.1 proxies have
> too much visibility, especially from a security perspective.... the
> classic "man in the middle attack" can be made fairly easily unless
> you're using SSL etc.

So you're saying that HTTP can be fairly easily attacked from a security
point of view unless you use the security features.

 Paul Prescod


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS