W3C home > Mailing lists > Public > xml-dist-app@w3.org > June 2000

RE: SOAP header for authentication etc

From: Laird A Popkin <laird@io.com>
Date: Fri, 9 Jun 2000 11:04:46 -0500 (CDT)
To: Mike Dierken <mike@DataChannel.com>
cc: xml-dist-app@w3.org
Message-ID: <Pine.LNX.4.10.10006091059520.8812-100000@eris.io.com>
When we addressed this issue in ICE, we decided that we would convey
identity of the sender (and, optionally, receiver) in the protocol, but
leave issues of security and trust to the transport layers, since there
are already good solutions in place there.

It's heavily suggested, but not required, that implementations tie
together the notions of identity between the layers (transport, ICE,
application). For example, if ICE is used over authenticated HTTP with
SSL, it's a good idea to issue a different HTTP username and password, or
even digital certificate, to each person with whom you're communicating.

On Wed, 7 Jun 2000, Mike Dierken wrote:

> s: O
> X-Status: 
> X-Keywords:
> X-UID: 1521
> 
> 
> > Any takers for getting together a list of features that people would like?
> > > 
> > > Are there any standard or convetion for specifying 
> > > authentication etc within <SOAP-ENV:Header>?
> > 
> 
> Is 'authentication information' meant to be used in the context of 'perform
> this operation on the behalf of user-x'? or is it 'perform this operation &
> here is a magic key'? or something different?
> 
> Since SOAP can be carried over multiple transports, and those transports
> have mechanisms for user identification, should there be a concept of
> 'inheriting' user identification information from the transport? The
> underlying transport might not have very secure user-id, but when they do it
> may be nice to use them. Would this be the job of a SOAP dispatcher, to
> extract transport info, transform to a unified format & load into the
> header? Can a SOAP dispatcher touch the message or will it ruin
> digest/checksums/etc.?
> 
> Also, should this discussion be made on the SOAP
Received on Friday, 9 June 2000 12:05:01 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:56 GMT