• To: "Cavnar-Johnson, John" <JCavnar-Johnson@s...>
• Subject: Re: Elliotte Rusty Harold on Web Services
• From: Rich Salz <rsalz@d...>
• Date: Fri, 31 Jan 2003 11:57:43 -0500
• Cc: xml-dev@l...
• In-reply-to: <003801c2c946$e5b34520$6401a8c0@cavnarjohnson>
• References: <003801c2c946$e5b34520$6401a8c0@cavnarjohnson>
• User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021130

Cavnar-Johnson, John wrote:
> Probably something along these lines:
> http://www.counterpane.com/crypto-gram-0006.html

Oh, *that* piece.  Sometimes Bruce stretches to make his points, as in:
    That's right. Those pesky firewalls prevent applications from
    sending commands to each other, so SOAP lets vendors hide those
    commands as HTTP so the firewall won't notice.

which is wrong.  SOAP over HTTP is architecturally no worse than HTTP 
POST:  both are sending data and requesting that a server act upon it.

There are an awful lot of members of the network security community 
involved in an awful lot of WS/SOAP security standards; you can find a 
partial survey at http://www.xml.com/pub/a/2003/01/15/ends.html ; 
looking through some of those membership lists will find quite a few 
well-regarded experts, even if not as well known to the general populace 
as Bruce.
	/r$

• Follow-Ups:
  • Re: Elliotte Rusty Harold on Web Services
    • From: Mike Champion <mc@x...>
  • Re: Elliotte Rusty Harold on Web Services
    • From: Mark Baker <distobj@a...>

• References:
  • RE: Elliotte Rusty Harold on Web Services
    • From: "Cavnar-Johnson, John" <JCavnar-Johnson@s...>

• Prev by Date: RE: malfunctioning, evil adult as XML
• Next by Date: Re: Blaming the programmers
• Previous by thread: RE: Elliotte Rusty Harold on Web Services
• Next by thread: Re: Elliotte Rusty Harold on Web Services
• Index(es):
  • Date
  • Thread