+1

Mark Nottingham wrote:
>
> On Tue, Aug 21, 2001 at 02:21:31PM -0400, Mark Baker wrote:
>
> > > (tho I don't really see the utility in this).
> >
> > It's primarily for security reasons. A firewall admin should be
> > able to identify (for blocking, or further filtering) SOAP based
> > protocols being tunneled over application protocols, while permitting
> > uses of SOAP that use the application protocols as they were designed
> > to be used.
>
> This is a horrible security mechanism; why in the world would you
> trust a label that says "no bomb is in this suitcase?"
>
> The predominant feedback from sysadmins and IETF-heads that I see
> (and happen to agree with) is 'better not label it at all, lest
> someone thinks the label actually means something.' This is why
> SOAPAction should die IMHO, and any content-type that tries to go
> beyond 'this is a SOAP message' should as well; the content type
> system is engineered for convenience, not application of security
> policy.
>
> --
> Mark Nottingham
> http://www.mnot.net/
>

Received on Wednesday, 22 August 2001 09:58:41 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:59:03 GMT