Security and self-description (was Re: Composibility problems with refps

From: Mark Baker <distobj@acm.org> Date: Wed, 24 Nov 2004 13:34:43 -0500 To: Rich Salz <rsalz@datapower.com> Cc: public-ws-addressing@w3.org Message-ID: <20041124183443.GR8237@markbaker.ca> · This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:00 GMT

On Wed, Nov 24, 2004 at 01:13:47PM -0500, Rich Salz wrote:
> Not only is self-description good, it seems here to be a security 
> requirement.

Absolutely.  Visibility - and therefore securability - is maximized
when a self-descriptive messaging constraint is adopted.

Of course, in order to fully adopt self-description, RefParams
would have to be outlawed, since they're stateful.  If you use them,
then you've got race conditions.

Mark.
-- 
Mark Baker.   Ottawa, Ontario, CANADA.        http://www.markbaker.ca