[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] RE: SOAP, plague, love
It may be entirely desireable that you use mime to create an indication that a SOAP message is signed, encrypted etc. but it is surely not a necessity. You may have a policy that says 'whatever' comes through my firewall must have a standard envelope around it to identify itself - but then once through the contents are a separate issue. The only tricky requirement for exchange as I see it is non-repudiation, which cannot reliably be done without a third party - however this has nothing at all to do with XML, and that's what I like! DG . . . . . . . . . . . . . . . . . David Galbraith - Chief Architect Moreover.com - the webfeed company david@m... 415-577-8828 (US) 0777-565-8880 (UK) favorite webfeed: http://www.moreover.com/xml > -----Original Message----- > From: owner-xml-dev@x... [mailto:owner-xml-dev@x...]On Behalf Of > Jonathan Borden > Sent: Sunday, May 07, 2000 10:32 AM > To: xml-dev@x... > Subject: RE: SOAP, plague, love > > > Dick Brooks wrote: > > > > David, > > > > If I sent a PGP encrypted/signed document as a call parameter > > using SOAP how > > would the receiver know the information was signed/encrypted. Is > > there a way > > to indicate the data is signed/encrypted using SOAP constructs? If not, > > does this mean I have to package SOAP in another envelope, MIME perhaps? > > > > 'SOAP' would not need to be packaged in another envelope, > but the PGP > signed/encrypted paramater would need to be represented in a way > that would > enable it to be inserted into a valid XML document as a sub-tree. > > This is the exact situation that XMTP > (http://jabr.ne.mediaone.net/documents/xmtp.htm) > handles. XMTP is a mechanism to represent SMTP/MIME messages in valid XML, > as such the XMTP converted PGP document can be inserted into the XML > envelope as the 'parameter'. What this does in effect is create an XMTP > document envelope which represents whatever you would otherwise > represent in > MIME. E.g. (simplified for readability) > > <MIME> > <Content-type>multipart/encrypted</Content-type> > <Parts> > <MIME> > <Content-ID>document</Content-ID> > <Content-transfer-encoding>base64</Content-transfer-encoding> > <Body>...</Body> > </MIME> > <MIME> > <Content-ID>signature</Content-ID> > <Body>...</Body> > </MIME> > </Parts> > </MIME> > > So, the answer is yes :-) > > Jonathan Borden > > > ****************************************************************** > ********* > This is xml-dev, the mailing list for XML developers. > To unsubscribe, mailto:majordomo@x...&BODY=unsubscribe%20xml-dev > List archives are available at http://xml.org/archives/xml-dev/ > ****************************************************************** > ********* > *************************************************************************** This is xml-dev, the mailing list for XML developers. To unsubscribe, mailto:majordomo@x...&BODY=unsubscribe%20xml-dev List archives are available at http://xml.org/archives/xml-dev/ ***************************************************************************
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|