> Ah, got it. Excellent! > My perception "Security Considerations" usually refers to > issues within the thing being defined, and (much) less so its > implications on others. For example, "the password could be exposed," > and not "this may result in arbitrary code being executed in your > webserver." :) You're absolutely right that security considerations usually refers to those things (MarkN said the same thing to me), but I felt that this topic was the most important security consideration for using SOAP. Firewall admins are going to want to know whether they should trust application/soap+xml content, so I want us to be frank about the implications of it. > I think sec3 is wrongly-oriented, but don't (yet) have alternative text > to propose. Then put on your thinkin' cap! 8-) I'm open to any any and all suggestions to improve on it. But I hope you agree that discussing what I explained to you is an important topic. MB -- Mark Baker, Chief Science Officer, Planetfred, Inc. Ottawa, Ontario, CANADA. mbaker@planetfred.com http://www.markbaker.ca http://www.planetfred.comReceived on Friday, 4 January 2002 17:16:22 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:59:05 GMT