Cart
[Home] [By Thread] [By Date] [Recent Entries]
Gavin Thomas Nicol wrote: > >... > > The problem here is security. Once you open things up, you have to > deal with the issue of disclosure of resources. Intermediaries > complicate the problem too (already do in the web. Who knows whose > spoofing whom). I don't really know how HTTP makes this any harder than anything else. At least HTTP has a security model. Security for RPC seems a very difficult (intractable?) problem. HTTP has a very understandable but flexible security model. I would say that many services need nothing more complex than "rwx" ACLs. > ... Peer-to-peer HTTP is fine for asycnronous work (I POST > a request, you POST a response), but there are issues in the apparent > simplicity. Those kinks need to get ironed out before this really > takes off. I agree. But the cost of ironing out a few kinks is already dwarfed by the amount of money that has been poured into SOAP RPC. Paul Prescod
|
