xml-dev - Re: [xml-dev] SOAP-RPC and REST and security

Re: [xml-dev] SOAP-RPC and REST and security

[ Lists Home | Date Index | Thread Index ]

To: Gavin Thomas Nicol <gtn@rbii.com>
Subject: Re: [xml-dev] SOAP-RPC and REST and security
From: Paul Prescod <paul@prescod.net>
Date: Tue, 19 Feb 2002 21:53:08 -0800
Cc: xml-dev@lists.xml.org
References: <JISRSOOTTOIH1UTQC8TNJFVSSPHCF.3c7316a4@MChamp> <E16dOoz-0003UA-00@server2000.ebizhostingsolutions.com>

Gavin Thomas Nicol wrote:
> 
>...
> 
> Given that most initial RESTful applications will use HTTP, I can't
> see how they'd be intrinsically any safer than SOAP over HTTP.
> 
> FWIW. One of the basics of security is the notion of "least privilege"
> which web services (indeed the web in general) almost explicitly goes
> against because of the global namespaces.

How is "being in the same namespace" a priviledge?

 Paul Prescod

Follow-Ups:
- Re: [xml-dev] SOAP-RPC and REST and security
  - From: Gavin Thomas Nicol <gtn@rbii.com>

References:
- SOAP-RPC and REST and security
  - From: Mike Champion <mc@xegesis.org>
- Re: [xml-dev] SOAP-RPC and REST and security
  - From: Gavin Thomas Nicol <gtn@rbii.com>

Prev by Date: Re: [xml-dev] SOAP-RPC and REST and security
Next by Date: RE: [xml-dev] SOAP-RPC and REST and security
Previous by thread: Re: [xml-dev] SOAP-RPC and REST and security
Next by thread: Re: [xml-dev] SOAP-RPC and REST and security
Index(es):
- Date
- Thread