W3C home > Mailing lists > Public > xml-dist-app@w3.org > March 2001

Re: Security

From: Rich Salz <rsalz@zolera.com>
Date: Thu, 15 Mar 2001 20:50:27 -0500
Message-ID: <3AB17163.15D3DFAA@zolera.com>
To: Joseph Ashwood <jashwood@arcot.com>
CC: "Clemens F. Vasters" <clemensv@newtelligence.com>, xml-dist-app@w3.org
> there is no way to negotiate a suite of ciphers
> to be used (when possible)

Don't you need at least an offer/accept phase of negotation, implying at
least one extra round-trip?  XP hasn't even decided if request/response
is fundamental, so doing RPC-style security negotiations seems a bit
premature.  I also disagree with the assertion in your previous note
that said there is no encryption for RPC.  I'd point to the DCE RPC
protocol (see DCOM and its security blankets if you prefer), SSL/TLS,
and NFS RPC.
	/r$
Received on Thursday, 15 March 2001 20:48:21 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:59 GMT