[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: Re: Cookies at XML Europe 2004 -- Call for Participation

• To: Elliotte Rusty Harold <elharo@m...>
• Subject: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
• From: Rich Salz <rsalz@d...>
• Date: Wed, 7 Jan 2004 08:02:32 -0500 (EST)
• Cc: "xml-dev@l..." <xml-dev@l...>
• In-reply-to: <p0601020cbc21a68a68b5@[192.168.254.4]>

> Just to be clear, REST has no objection to running over SSL. REST
> defines a use pattern for application layer protocols. It is
> transport layer agnostic.

I know.  I was merely pointing out that REST lets the lower layers
do things that it won't.  Such as maintaining state on both sides
of the connection which is (all together now) a requirement for good
security.

	/r$

--
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html

• Follow-Ups:
  • Re: Re: Cookies at XML Europe 2004 -- Call forParticipation
    • From: Elliotte Rusty Harold <elharo@m...>

• References:
  • Re: Re: Cookies at XML Europe 2004 -- Call forParticipation
    • From: Elliotte Rusty Harold <elharo@m...>

• Prev by Date: Re: Re: Cookies at XML Europe 2004 -- Call forParticipation
• Next by Date: RE: wacky XML
• Previous by thread: Re: Re: Cookies at XML Europe 2004 -- Call forParticipation
• Next by thread: Re: Re: Cookies at XML Europe 2004 -- Call forParticipation
• Index(es):
  • Date
  • Thread