[
Lists Home |
Date Index |
Thread Index
]
Yeah just like e-mail is a risk.
Which is, of course, what SOAP works over more than just HTTP. ;-p
This is old bits. There's nothing new here... move along...
Is it me or are is the tech press off on a "what can we bash this week" binge?
----- Original Message -----
From: "Cavnar-Johnson, John" <JCavnar-Johnson@sark.com>
To: "'Rich Salz'" <rsalz@datapower.com>
Cc: <xml-dev@lists.xml.org>
Sent: Friday, January 31, 2003 11:36 AM
Subject: RE: [xml-dev] Elliotte Rusty Harold on Web Services
> Probably something along these lines:
> http://www.counterpane.com/crypto-gram-0006.html
>
> The basic idea is that SOAP is an attempt to sneak past the corporate
> firewall and get some real work done, which, of course, is a security
> problem.
>
> > -----Original Message-----
> > From: Rich Salz [mailto:rsalz@datapower.com]
> > Sent: Friday, January 31, 2003 10:28 AM
> > To: elharo@metalab.unc.edu
> > Cc: xml-dev@lists.xml.org
> > Subject: Re: [xml-dev] Elliotte Rusty Harold on Web Services
> >
> > > ERH has a thought provoking comment on his weblog today
> > > http://www.ibiblio.org/xml/
> > > The security community detests SOAP/XML-RPC/Web Services because
> they
> > > violate fundamental network security principles.
> >
> > Hunh? I'd like to know the basis for this claim.
> > /r$
|
