• To: 'Michael Brennan' <Michael_Brennan@A...>, "'Roger L. Costello'" <costello@m...>, xml-dev@l...
• Subject: RE: Web Services Best Practice (was: Interesting XML-DI ST-APP thread)
• From: "Bullard, Claude L (Len)" <clbullar@i...>
• Date: Thu, 10 Jan 2002 15:04:49 -0600

A good article has appeared on XML.COM that takes all of the 
web service specs one at a time and shows how they fit into 
various vendor architectures.  I note several xml languages 
devoted to security issues.   Are any of these good candidates 
in your opinion and experience?  One way to improve shoddy 
practice is with a good standard. (oh... not that again..).

len

-----Original Message-----
From: Michael Brennan [mailto:Michael_Brennan@A...]

I would add that implementors must take appropriate measures to address
security factors, such as confidentiality and non-repudiation. One of my big
fears is that the web services "revolution" will bring us sensitive
transactions flying around the net in clear text without adequate
authentication. I know for a fact that the lack of understanding of security
concerns among most developers is leading to some truly frightening systems,
and the internet today is like a global piece of swiss cheese with gaping
security holes all over the place.

• Follow-Ups:
  • Re: Web Services Best Practice (was: Interesting XML-DI ST-APP thread)
    • From: Gavin Thomas Nicol <gtn@r...>

• Prev by Date: RE: Web Services Best Practice (was: Interesting XML-DIST-APP thread)
• Next by Date: Web Services Best Practice, summary 3
• Previous by thread: SAX2 r2 ... last call!
• Next by thread: Re: Web Services Best Practice (was: Interesting XML-DI ST-APP thread)
• Index(es):
  • Date
  • Thread