W3C home > Mailing lists > Public > public-ws-addressing@w3.org > March 2005

RE: RFC 2616 (rfc2616) - Hypertext Transfer Protocol -- HTTP/1.1Re: Minutes of the Web Services Addressing / TAG joint meeting

From: Paul Cotton <pcotton@microsoft.com>
Date: Mon, 7 Mar 2005 15:12:03 -0800
Message-ID: <33D970235519324D988AFFDE7EA2E24C056F83EB@RED-MSG-41.redmond.corp.microsoft.com>
To: "Rice, Ed \(HP.com\)" <ed.rice@hp.com>, <noah_mendelsohn@us.ibm.com>, "Rich Salz" <rsalz@datapower.com>
Cc: "Mark Baker" <distobj@acm.org>, <public-ws-addressing@w3.org>, <www-tag@w3.org>

Maybe because you want to enable intercept e.g. SOAP intermediaries.

/paulc

Paul Cotton, Microsoft Canada 
17 Eleanor Drive, Nepean, Ontario K2E 6A3 
Tel: (613) 225-5445 Fax: (425) 936-7329 
mailto:pcotton@microsoft.com

  

> -----Original Message-----
> From: www-tag-request@w3.org [mailto:www-tag-request@w3.org] On Behalf
Of
> Rice, Ed (HP.com)
> Sent: March 7, 2005 2:02 PM
> To: noah_mendelsohn@us.ibm.com; Rich Salz
> Cc: Mark Baker; public-ws-addressing@w3.org; www-tag@w3.org
> Subject: RE: RFC 2616 (rfc2616) - Hypertext Transfer Protocol --
> HTTP/1.1Re: Minutes of the Web Services Addressing / TAG joint meeting
> 
> 
> Why not use SSL to assure transport without intercept?
> 
> 
> -----Original Message-----
> From: www-tag-request@w3.org [mailto:www-tag-request@w3.org] On Behalf
> Of noah_mendelsohn@us.ibm.com
> Sent: Sunday, March 06, 2005 5:47 PM
> To: Rich Salz
> Cc: Mark Baker; public-ws-addressing@w3.org; www-tag@w3.org
> Subject: RFC 2616 (rfc2616) - Hypertext Transfer Protocol --
HTTP/1.1Re:
> Minutes of the Web Services Addressing / TAG joint meeting
> 
> 
> http://www.faqs.org/rfcs/rfc2616.htmlI wrote:
> 
> > Agreed.  I think what you're giving is an argument not to use a
> network
> or
> > "underlying protocol" with insecure routing if it doesn't meet your
> needs.
> 
> Rich Salz responded:
> 
> > I'm saying that "moving" the wsa:To into an HTTP Request-URI is bad.
> > Duplicating it is acceptable.
> 
> Makes sense, thanks.  I would still expect that anyone messing with
your
> 
> HTTP Request-URI is likely to cause at the very least denial of
service
> due to message misrouting, except in the very particular case that the
> intruder has a hook at the receiving end after the message is
delivered.
> 
> 
> --------------------------------------
> Noah Mendelsohn
> IBM Corporation
> One Rogers Street
> Cambridge, MA 02142
> 1-617-693-4036
> --------------------------------------
> 
> 
> 
> 
Received on Monday, 7 March 2005 23:27:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:04 GMT