W3C home > Mailing lists > Public > xml-dist-app@w3.org > May 2000

Re: XML protocol security

From: Michael Condry <Michael.Condry@eng.sun.com>
Date: Wed, 17 May 2000 18:31:19 -0700
Message-Id: <200005171635.e4HGZ6h249460@jurassic.eng.sun.com>
To: "Constantine Plotnikov" <cap@mail.novosoft.ru>, <xml-dist-app@w3.org>
Not clear if you are using it this way. SSL will not
fix this.

IBM showed a great example of SOAP holes  in the 
W3C conference (WWW9) today.

>I think that security is out of scope of XML RPC layer.
>It is layer on top of it. Like SSL is a layer above
>TCP or other stream protocol. 
>
>Because such layers was not fixed yet. I think that we are 
>in unique situation that can allow us to promote other security 
>models. I found capabilty based security very interesting
>model. It is quite unlike ACL model and I think that it suit
>web more becuse it will work better in decentralized web. 
>More information is available at:
>
>http://www.skyhunter.com/marcs/capabilityIntro/index.html
>http://www.caplet.com/security/taxonomy/index.html
>
>Basically I think that there should be following logical 
>layers:
>1. (Secure) Transport Layer (examples: TCP+SSL, https, ...)
>2. Messaging layer (XML-RPC)
>3. Secure Distributed Object Model 
>
>The diffculty with ACL is that they make proofs in layer 3 
>quite difficult. Sandbox model is an variant of it.
>
>The difficulty with capability based secutrity is that this 
>model do not have ready to use simple paradigms of 
>administration. At least I have not found it. I have some
>ideas but have not yet tested them. Capability based security
>is very natural model for mediating services.
>
>Constantine
>
Received on Wednesday, 17 May 2000 12:35:34 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:56 GMT