- From: Rich Salz <rsalz@datapower.com>
- Date: Sun, 6 Feb 2005 10:21:46 -0500 (EST)
- To: Mark Baker <distobj@acm.org>
- cc: Jonathan Marsh <jmarsh@microsoft.com>, "public-ws-addressing@w3.org" <public-ws-addressing@w3.org>
A significant problem with putting wsa:To as the request-URI is that end-to-end content protection and integrity (signing and encryption) is lost. Or are you saying it should be *copied* and not moved? That's what SMTP typically does, although RCPT-TO isn't the same as the To header (cf mailing lists). That separation isn't something HTTP seems to support, although perhaps it should. Does the issue get resolved if we add a wsa:Request-URI to the EPR /r$ -- Rich Salz Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
Received on Sunday, 6 February 2005 15:21:48 UTC