xml-dev - RE: [xml-dev] Benefits of SOAP?

RE: [xml-dev] Benefits of SOAP?

[ Lists Home | Date Index | Thread Index ]

To: "Rich Salz" <rsalz@datapower.com>,"Dennis Sosnoski" <dms@sosnoski.com>
Subject: RE: [xml-dev] Benefits of SOAP?
From: "Paul Sumner Downey" <Paul.Downey@whatfettle.com>
Date: Mon, 16 Feb 2004 21:11:46 -0000
Cc: <xml-dev@lists.xml.org>
Importance: Normal
In-reply-to: <Pine.LNX.4.44L0.0402152208060.15664-100000@smtp.datapower.com>

Someone i know who has been trialing WS-Security implementations has hit
some real show-stoppers, in particular getting some of the vendors mentioned
work with some significant others. Getting current implementations to
exchange encrypted and signed messages isn't something i'd like to rely upon
ATM.

This shouldn't be anything much to write about here, except it's worth
noting that these are invariably /implementation/ issues in areas which are
well specified. Getting vendors to perform /practical/ interoperability
testing, rather than just endlessly discuss the wording in specifications is
very, very difficult.

Paul

--
Paul Sumner Downey
http://blog.whatfettle.com


-----Original Message-----
From: Rich Salz [mailto:rsalz@datapower.com]
Sent: 16 February 2004 03:11
To: Dennis Sosnoski
Cc: xml-dev@lists.xml.org
Subject: Re: [xml-dev] Benefits of SOAP?


> there's limited cross-platform support for WS-Security currently
> deployable, though there have been some demonstration hookups.

In my experience is better than that.  We have customers in
production that regularly interop among our product, IBM, Microsoft,
and some others.

> course, you can also get the same end-to-end message integrity and
> selective data privacy using XML Encryption and XML Signature, which are
> what WS-Security wraps.

It's a subtle point, but unless you use something like WS-Sec, than
you cannot sign arbitrary XML content unless you change every
single schema to include an enveloped XML Dsig.  That's not feasible.
Possible, but not feasible; you really do need WS-Sec and SOAP if you
want to exchange messages with end-to-end content integrity.

        /r$

--
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html


-----------------------------------------------------------------
The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
initiative of OASIS <http://www.oasis-open.org>

The list archives are at http://lists.xml.org/archives/xml-dev/

To subscribe or unsubscribe from this list use the subscription
manager: <http://lists.xml.org/ob/adm.pl>

References:
- Re: [xml-dev] Benefits of SOAP?
  - From: Rich Salz <rsalz@datapower.com>

Prev by Date: RE: [xml-dev] RE: id proxy
Next by Date: RE: [xml-dev] document XML inside another document XML using XLINK
Previous by thread: Re: [xml-dev] Benefits of SOAP?
Next by thread: Re: [xml-dev] Benefits of SOAP?
Index(es):
- Date
- Thread