OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   RE: [xml-dev] Extra headaches of securing XML

[ Lists Home | Date Index | Thread Index ]

That would be my take too.  We're outdriving the headlights 
on roads we've not traveled.  When asked to rebut, I replied 
that they should get security experts and recommended one 
from this list as a place to start.  These are issues worth 
understanding better.


From: Tim Bray [mailto:tbray@textuality.com]

On Mar 30, 2004, at 8:40 AM, Bullard, Claude L (Len) wrote:

> It isn't a very good article.

It could have been worse.  His editor was telling him to write that XML 
was inherently less secure because it was textual and therefore more 
readable.  Yow.  With respect to Web Services, I think the key point is 
indeed that all this WS-mumble stuff is becoming frighteningly complex 
and I'd bet a zillion bucks that there are awful vulnerabilities 
lurking in the cracks where nobody could possibly have thought to look. 


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS