OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] What Does SOAP/WS Do that A REST System Can't?

[ Lists Home | Date Index | Thread Index ]

> Architectural constraints such as statelessness, are constraints on
> form, not function; what you're talking about *is* possible.

Wow, news to me.  Thanks.

>  The
> issue will be whether the larger message size in the stateless
> solution will be acceptable or not.  How much state are you're talking
> about?

Let's assume RSA with a key size of 2K bits, maybe sometimes 4K.  A
signature is the same as the key size, so you're talking 256 or 512 bytes,
plus the data being signed, of coruse.

At least one certificate will have to flow in each direction.  A
certificate is signed and has a couple-K of data, so call it 2-4Kbytes
per cert.

The data being signed is context dependant.  For SSL it's a running
hash of *all* messages the two parties have exchanged.  That's a
small amount of state (20 bytes for SHA1), but assumes a reliable
byte-stream protocol. :)

Does that help?
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS